Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2023-3171
Vulnerability from cvelistv5
Published
2023-12-27 15:45
Modified
2024-08-02 06:48
Severity ?
EPSS score ?
Summary
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Red Hat | EAP 7.4.13 |
cpe:/a:redhat:jboss_enterprise_application_platform:7.4 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T06:48:08.117Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2023:5484", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { name: "RHSA-2023:5485", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { name: "RHSA-2023:5486", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { name: "RHSA-2023:5488", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { name: "RHBZ#2213639", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", ], defaultStatus: "unaffected", packageName: "server", product: "EAP 7.4.13", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-activemq-artemis", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.16.0-15.redhat_00049.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-bouncycastle", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.76.0-4.redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-hal-console", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.3.19-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-hibernate", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.3.31-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-ironjacamar", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.5.15-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-jboss-marshalling", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.0.13-2.SP1_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-jboss-modules", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.12.2-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-jboss-server-migration", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.10.0-31.Final_redhat_00030.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-jboss-xnio-base", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.8.10-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-mod_cluster", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.4.5-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-netty", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-netty-transport-native-epoll", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-resteasy", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.15.8-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-undertow", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.2.26-1.SP1_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-wildfly", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:7.4.13-8.GA_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", ], defaultStatus: "affected", packageName: "eap7-wildfly-elytron", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.15.20-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-activemq-artemis", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.16.0-15.redhat_00049.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-bouncycastle", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.76.0-4.redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-hal-console", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.3.19-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-hibernate", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.3.31-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-ironjacamar", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.5.15-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-jboss-marshalling", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.0.13-2.SP1_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-jboss-modules", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.12.2-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-jboss-server-migration", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.10.0-31.Final_redhat_00030.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-jboss-xnio-base", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.8.10-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-mod_cluster", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.4.5-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-netty", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-netty-transport-native-epoll", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-resteasy", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.15.8-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-undertow", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.2.26-1.SP1_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-wildfly", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:7.4.13-8.GA_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", ], defaultStatus: "affected", packageName: "eap7-wildfly-elytron", product: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.15.20-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-activemq-artemis", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.16.0-15.redhat_00049.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-bouncycastle", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.76.0-4.redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-hal-console", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.3.19-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-hibernate", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.3.31-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-ironjacamar", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.5.15-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-jboss-marshalling", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.0.13-2.SP1_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-jboss-modules", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.12.2-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-jboss-server-migration", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.10.0-31.Final_redhat_00030.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-jboss-xnio-base", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.8.10-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-mod_cluster", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.4.5-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-netty", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-netty-transport-native-epoll", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-resteasy", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.15.8-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-undertow", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.2.26-1.SP1_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-wildfly", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:7.4.13-8.GA_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", ], defaultStatus: "affected", packageName: "eap7-wildfly-elytron", product: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.15.20-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, ], datePublic: "2023-10-05T00:00:00+00:00", descriptions: [ { lang: "en", value: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Important", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-789", description: "Memory Allocation with Excessive Size Value", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-03T15:32:36.759Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2023:5484", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { name: "RHSA-2023:5485", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { name: "RHSA-2023:5486", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { name: "RHSA-2023:5488", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { name: "RHBZ#2213639", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, ], timeline: [ { lang: "en", time: "2023-04-20T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2023-10-05T00:00:00+00:00", value: "Made public.", }, ], title: "Eap-7: heap exhaustion via deserialization", x_redhatCweChain: "CWE-789: Memory Allocation with Excessive Size Value", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-3171", datePublished: "2023-12-27T15:45:33.293Z", dateReserved: "2023-06-08T19:52:58.072Z", dateUpdated: "2024-08-02T06:48:08.117Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"645A908C-18C2-4AB1-ACE7-3969E3A552A5\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4CFF558-3C47-480D-A2F0-BABF26042943\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*\", \"matchCriteriaId\": \"B8423D7F-3A8F-4AD8-BF51-245C9D8DD816\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 una falla en EAP-7 durante la deserializaci\\u00f3n de ciertas clases, lo que permite la creaci\\u00f3n de instancias de HashMap y HashTable sin verificar los recursos consumidos. Este problema podr\\u00eda permitir que un atacante env\\u00ede solicitudes maliciosas utilizando estas clases, lo que eventualmente podr\\u00eda agotar el mont\\u00f3n y provocar una denegaci\\u00f3n de servicio.\"}]", id: "CVE-2023-3171", lastModified: "2024-11-21T08:16:37.137", metrics: "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}", published: "2023-12-27T16:15:13.103", references: "[{\"url\": \"https://access.redhat.com/errata/RHSA-2023:5484\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:5485\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:5486\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:5488\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2023-3171\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2213639\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:5484\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:5485\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:5486\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2023:5488\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2023-3171\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2213639\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}]", sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-789\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-770\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2023-3171\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2023-12-27T16:15:13.103\",\"lastModified\":\"2024-11-21T08:16:37.137\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.\"},{\"lang\":\"es\",\"value\":\"Se encontró una falla en EAP-7 durante la deserialización de ciertas clases, lo que permite la creación de instancias de HashMap y HashTable sin verificar los recursos consumidos. Este problema podría permitir que un atacante envíe solicitudes maliciosas utilizando estas clases, lo que eventualmente podría agotar el montón y provocar una denegación de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-789\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"645A908C-18C2-4AB1-ACE7-3969E3A552A5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F6FB57C-2BC7-487C-96DD-132683AEB35D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*\",\"matchCriteriaId\":\"B8423D7F-3A8F-4AD8-BF51-245C9D8DD816\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2023:5484\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:5485\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:5486\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:5488\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2023-3171\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2213639\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:5484\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:5485\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:5486\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2023:5488\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2023-3171\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2213639\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]}]}}", }, }
rhsa-2023:5488
Vulnerability from csaf_redhat
Published
2023-10-05 20:18
Modified
2025-03-24 12:02
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5488", url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=appplatform&version=7.4", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=appplatform&version=7.4", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5488.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update", tracking: { current_release_date: "2025-03-24T12:02:27+00:00", generator: { date: "2025-03-24T12:02:27+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2023:5488", initial_release_date: "2023-10-05T20:18:28+00:00", revision_history: [ { date: "2023-10-05T20:18:28+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-05T20:18:28+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-24T12:02:27+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "EAP 7.4.13", product: { name: "EAP 7.4.13", product_id: "EAP 7.4.13", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "EAP 7.4.13", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "EAP 7.4.13", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "EAP 7.4.13", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
RHSA-2023:5486
Vulnerability from csaf_redhat
Published
2023-10-06 03:41
Modified
2025-03-24 12:02
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 9
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5486", url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24799", url: "https://issues.redhat.com/browse/JBEAP-24799", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5486.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 9", tracking: { current_release_date: "2025-03-24T12:02:36+00:00", generator: { date: "2025-03-24T12:02:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2023:5486", initial_release_date: "2023-10-06T03:41:07+00:00", revision_history: [ { date: "2023-10-06T03:41:07+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-06T03:41:07+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-24T12:02:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 9", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.20-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-31.Final_redhat_00030.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-31.Final_redhat_00030.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.13-2.SP1_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pg@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-util@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-client@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-spring@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-core@5.3.31-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-envers@5.3.31-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.94-1.Final_redhat_00001.1.el9eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], known_not_affected: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", ], known_not_affected: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", ], known_not_affected: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
rhsa-2024:10207
Vulnerability from csaf_redhat
Published
2024-11-25 00:12
Modified
2025-03-19 10:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.11 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.11 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.10, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.11 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.3.z] (CVE-2024-28752)
* h2: Loading of custom classes from remote servers through JNDI [eap-7.3.z] (CVE-2022-23221)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer [eap-7.3.z] (CVE-2022-23307)
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender [eap-7.3.z] (CVE-2022-23305)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender [eap-7.3.z] (CVE-2021-4104)
* CXF: Apache CXF: SSRF Vulnerability [eap-7.3.z] (CVE-2022-46364)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.3.z] (CVE-2023-26464)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.3.z] (CVE-2022-34169)
* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.3.z] (CVE-2023-5685)
* hsqldb: Untrusted input may lead to RCE attack [eap-7.3.z] (CVE-2022-41853)
* server: eap-7: heap exhaustion via deserialization [eap-7.3.z] (CVE-2023-3171)
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.3.z] (CVE-2023-39410)
* undertow: client side invocation timeout raised when calling EJB over HTTP and HTTP2 [eap-7.3.z] (CVE-2021-3859)
* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.3.z] (CVE-2024-47561)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.11 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.10, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.11 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.3.z] (CVE-2024-28752)\n\n* h2: Loading of custom classes from remote servers through JNDI [eap-7.3.z] (CVE-2022-23221)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer [eap-7.3.z] (CVE-2022-23307)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender [eap-7.3.z] (CVE-2022-23305)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender [eap-7.3.z] (CVE-2021-4104)\n\n* CXF: Apache CXF: SSRF Vulnerability [eap-7.3.z] (CVE-2022-46364)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.3.z] (CVE-2023-26464)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.3.z] (CVE-2022-34169)\n\n* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.3.z] (CVE-2023-5685)\n\n* hsqldb: Untrusted input may lead to RCE attack [eap-7.3.z] (CVE-2022-41853)\n\n* server: eap-7: heap exhaustion via deserialization [eap-7.3.z] (CVE-2023-3171)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.3.z] (CVE-2023-39410)\n\n* undertow: client side invocation timeout raised when calling EJB over HTTP and HTTP2 [eap-7.3.z] (CVE-2021-3859)\n\n* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.3.z] (CVE-2024-47561)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10207", url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index", }, { category: "external", summary: "2010378", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010378", }, { category: "external", summary: "2031667", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2031667", }, { category: "external", summary: "2041959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041959", }, { category: "external", summary: "2041967", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041967", }, { category: "external", summary: "2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "JBEAP-23025", url: "https://issues.redhat.com/browse/JBEAP-23025", }, { category: "external", summary: "JBEAP-28084", url: "https://issues.redhat.com/browse/JBEAP-28084", }, { category: "external", summary: "JBEAP-28089", url: "https://issues.redhat.com/browse/JBEAP-28089", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10207.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.11 Security update", tracking: { current_release_date: "2025-03-19T10:23:44+00:00", generator: { date: "2025-03-19T10:23:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2024:10207", initial_release_date: "2024-11-25T00:12:17+00:00", revision_history: [ { date: "2024-11-25T00:12:17+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-25T00:12:17+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T10:23:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", product: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", product_id: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.13-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", product: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", product_id: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-8.redhat_00003.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", product: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", product_id: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j@2.3.3-2.redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", product: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", product_id: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xml-security@2.2.3-2.redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", product: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", product_id: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-38.redhat_00015.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", product: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", product_id: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.2.2-2.Final_redhat_00002.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", product: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", product_id: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-3.redhat_00004.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-4.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", product: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", product_id: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-12.Final_redhat_00013.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", product: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", product_id: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.3.11-4.GA_redhat_00002.1.el7eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-rt@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-services@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-tools@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.13-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", product: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", product_id: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-8.redhat_00003.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-bindings@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-policy@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-common@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-dom@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-policy-stax@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-stax@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xml-security@2.2.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", product: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", product_id: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-38.redhat_00015.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", product: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", product_id: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.2.2-2.Final_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", product: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", product_id: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-3.redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-4.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", }, product_reference: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", }, product_reference: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", }, product_reference: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", }, product_reference: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", }, product_reference: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", }, product_reference: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", }, product_reference: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", }, product_reference: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", }, product_reference: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", }, product_reference: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2021-3859", cwe: { id: "CWE-214", name: "Invocation of Process Using Visible Sensitive Information", }, discovery_date: "2021-09-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2010378", }, ], notes: [ { category: "description", text: "A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.", title: "Vulnerability description", }, { category: "summary", text: "undertow: client side invocation timeout raised when calling over HTTP2", title: "Vulnerability summary", }, { category: "other", text: "Red Hat OpenStack Platform's OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3859", }, { category: "external", summary: "RHBZ#2010378", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010378", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3859", url: "https://www.cve.org/CVERecord?id=CVE-2021-3859", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3859", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3859", }, ], release_date: "2022-02-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: client side invocation timeout raised when calling over HTTP2", }, { cve: "CVE-2021-4104", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2021-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2031667", }, ], notes: [ { category: "description", text: "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker's JNDI LDAP endpoint.", title: "Vulnerability description", }, { category: "summary", text: "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", title: "Vulnerability summary", }, { category: "other", text: "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker's JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker's control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-4104", }, { category: "external", summary: "RHBZ#2031667", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2031667", }, { category: "external", summary: "RHSB-2021-009", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-4104", url: "https://www.cve.org/CVERecord?id=CVE-2021-4104", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", }, { category: "external", summary: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", url: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", }, { category: "external", summary: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", url: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", }, { category: "external", summary: "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", url: "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2021/12/13/1", url: "https://www.openwall.com/lists/oss-security/2021/12/13/1", }, ], release_date: "2021-12-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", }, { cve: "CVE-2022-23221", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-01-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2044596", }, ], notes: [ { category: "description", text: "A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script.", title: "Vulnerability description", }, { category: "summary", text: "h2: Loading of custom classes from remote servers through JNDI", title: "Vulnerability summary", }, { category: "other", text: "In OpenShift Container Platform (OCP) the openshift-enterprise-3.11/metrics-hawkular-metrics-container container image ships a vulnerable version of h2 as part of the underlying images, but as it uses standard configuration and Console is not enabled/started by default, therefore the impact by this vulnerability is LOW and will not be fixed as OCP 3.x has already reached End of Full Support.\n\n[1] https://access.redhat.com/support/policy/updates/openshift_noncurrent", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23221", }, { category: "external", summary: "RHBZ#2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23221", url: "https://www.cve.org/CVERecord?id=CVE-2022-23221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", }, { category: "external", summary: "https://github.com/advisories/GHSA-45hx-wfhj-473x", url: "https://github.com/advisories/GHSA-45hx-wfhj-473x", }, ], release_date: "2022-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "h2: Loading of custom classes from remote servers through JNDI", }, { cve: "CVE-2022-23305", cwe: { id: "CWE-89", name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", }, discovery_date: "2022-01-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2041959", }, ], notes: [ { category: "description", text: "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.", title: "Vulnerability description", }, { category: "summary", text: "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender", title: "Vulnerability summary", }, { category: "other", text: "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23305", }, { category: "external", summary: "RHBZ#2041959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041959", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23305", url: "https://www.cve.org/CVERecord?id=CVE-2022-23305", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23305", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23305", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2022/01/18/4", url: "https://www.openwall.com/lists/oss-security/2022/01/18/4", }, ], release_date: "2022-01-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server's jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender", }, { cve: "CVE-2022-23307", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-01-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2041967", }, ], notes: [ { category: "description", text: "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.", title: "Vulnerability description", }, { category: "summary", text: "log4j: Unsafe deserialization flaw in Chainsaw log viewer", title: "Vulnerability summary", }, { category: "other", text: "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23307", }, { category: "external", summary: "RHBZ#2041967", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041967", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23307", url: "https://www.cve.org/CVERecord?id=CVE-2022-23307", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23307", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23307", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2022/01/18/5", url: "https://www.openwall.com/lists/oss-security/2022/01/18/5", }, ], release_date: "2022-01-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j: Unsafe deserialization flaw in Chainsaw log viewer", }, { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2022-41853", cwe: { id: "CWE-470", name: "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", }, discovery_date: "2022-10-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2136141", }, ], notes: [ { category: "description", text: "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.", title: "Vulnerability description", }, { category: "summary", text: "hsqldb: Untrusted input may lead to RCE attack", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-41853", }, { category: "external", summary: "RHBZ#2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-41853", url: "https://www.cve.org/CVERecord?id=CVE-2022-41853", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", }, { category: "external", summary: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", url: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", }, { category: "external", summary: "https://github.com/advisories/GHSA-77xx-rxvh-q682", url: "https://github.com/advisories/GHSA-77xx-rxvh-q682", }, ], release_date: "2022-10-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "hsqldb: Untrusted input may lead to RCE attack", }, { cve: "CVE-2022-46364", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2022-12-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2155682", }, ], notes: [ { category: "description", text: "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", title: "Vulnerability description", }, { category: "summary", text: "CXF: SSRF Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-46364", }, { category: "external", summary: "RHBZ#2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-46364", url: "https://www.cve.org/CVERecord?id=CVE-2022-46364", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", url: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", }, ], release_date: "2022-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "CXF: SSRF Vulnerability", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-5685", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-10-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2241822", }, ], notes: [ { category: "description", text: "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-5685", }, { category: "external", summary: "RHBZ#2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-5685", url: "https://www.cve.org/CVERecord?id=CVE-2023-5685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", }, ], release_date: "2024-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-39410", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2023-10-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2242521", }, ], notes: [ { category: "description", text: "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-39410", }, { category: "external", summary: "RHBZ#2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-39410", url: "https://www.cve.org/CVERecord?id=CVE-2023-39410", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", }, { category: "external", summary: "https://issues.apache.org/jira/browse/AVRO-3819", url: "https://issues.apache.org/jira/browse/AVRO-3819", }, ], release_date: "2023-09-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", }, { cve: "CVE-2024-28752", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-03-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270732", }, ], notes: [ { category: "description", text: "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.", title: "Vulnerability description", }, { category: "summary", text: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-28752", }, { category: "external", summary: "RHBZ#2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-28752", url: "https://www.cve.org/CVERecord?id=CVE-2024-28752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", url: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", }, { category: "external", summary: "https://github.com/advisories/GHSA-qmgx-j96g-4428", url: "https://github.com/advisories/GHSA-qmgx-j96g-4428", }, ], release_date: "2024-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2024-10-02T14:04:06.018000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2316116", }, ], notes: [ { category: "description", text: "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47561", }, { category: "external", summary: "RHBZ#2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47561", url: "https://www.cve.org/CVERecord?id=CVE-2024-47561", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", }, ], release_date: "2024-10-03T12:20:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", }, ], }
rhsa-2023:5485
Vulnerability from csaf_redhat
Published
2023-10-06 07:21
Modified
2025-03-24 12:02
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 8
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5485", url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24798", url: "https://issues.redhat.com/browse/JBEAP-24798", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5485.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 8", tracking: { current_release_date: "2025-03-24T12:02:46+00:00", generator: { date: "2025-03-24T12:02:46+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2023:5485", initial_release_date: "2023-10-06T07:21:50+00:00", revision_history: [ { date: "2023-10-06T07:21:50+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-06T07:21:50+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-24T12:02:46+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 8", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-client@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-spring@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-31.Final_redhat_00030.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-31.Final_redhat_00030.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.13-2.SP1_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-all@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.20-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-core@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-envers@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-java8@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pg@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-util@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el8eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.94-1.Final_redhat_00001.1.el8eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], known_not_affected: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", ], known_not_affected: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", ], known_not_affected: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
rhsa-2023_5488
Vulnerability from csaf_redhat
Published
2023-10-05 20:18
Modified
2024-12-17 23:05
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5488", url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=appplatform&version=7.4", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=appplatform&version=7.4", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5488.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update", tracking: { current_release_date: "2024-12-17T23:05:07+00:00", generator: { date: "2024-12-17T23:05:07+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2023:5488", initial_release_date: "2023-10-05T20:18:28+00:00", revision_history: [ { date: "2023-10-05T20:18:28+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-05T20:18:28+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T23:05:07+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "EAP 7.4.13", product: { name: "EAP 7.4.13", product_id: "EAP 7.4.13", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "EAP 7.4.13", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "EAP 7.4.13", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "EAP 7.4.13", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
RHSA-2023:5485
Vulnerability from csaf_redhat
Published
2023-10-06 07:21
Modified
2025-03-24 12:02
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 8
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5485", url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24798", url: "https://issues.redhat.com/browse/JBEAP-24798", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5485.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 8", tracking: { current_release_date: "2025-03-24T12:02:46+00:00", generator: { date: "2025-03-24T12:02:46+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2023:5485", initial_release_date: "2023-10-06T07:21:50+00:00", revision_history: [ { date: "2023-10-06T07:21:50+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-06T07:21:50+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-24T12:02:46+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 8", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-client@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-spring@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-31.Final_redhat_00030.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-31.Final_redhat_00030.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.13-2.SP1_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-all@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.20-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-core@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-envers@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-java8@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pg@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-util@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el8eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.94-1.Final_redhat_00001.1.el8eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], known_not_affected: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", ], known_not_affected: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", ], known_not_affected: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
rhsa-2023:5486
Vulnerability from csaf_redhat
Published
2023-10-06 03:41
Modified
2025-03-24 12:02
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 9
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5486", url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24799", url: "https://issues.redhat.com/browse/JBEAP-24799", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5486.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 9", tracking: { current_release_date: "2025-03-24T12:02:36+00:00", generator: { date: "2025-03-24T12:02:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2023:5486", initial_release_date: "2023-10-06T03:41:07+00:00", revision_history: [ { date: "2023-10-06T03:41:07+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-06T03:41:07+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-24T12:02:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 9", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.20-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-31.Final_redhat_00030.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-31.Final_redhat_00030.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.13-2.SP1_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pg@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-util@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-client@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-spring@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-core@5.3.31-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-envers@5.3.31-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.94-1.Final_redhat_00001.1.el9eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], known_not_affected: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", ], known_not_affected: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", ], known_not_affected: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
rhsa-2023_5484
Vulnerability from csaf_redhat
Published
2023-10-05 20:23
Modified
2024-12-17 23:05
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 7
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5484", url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24797", url: "https://issues.redhat.com/browse/JBEAP-24797", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5484.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 7", tracking: { current_release_date: "2024-12-17T23:05:16+00:00", generator: { date: "2024-12-17T23:05:16+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2023:5484", initial_release_date: "2023-10-05T20:23:52+00:00", revision_history: [ { date: "2023-10-05T20:23:52+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-05T20:23:52+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T23:05:16+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 7 Server", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el7eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.20-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.13-2.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-all@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-client@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-spring@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-31.Final_redhat_00030.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-31.Final_redhat_00030.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-core@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-envers@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-java8@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pg@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-util@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el7eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.94-1.Final_redhat_00001.1.el7eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], known_not_affected: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", ], known_not_affected: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", ], known_not_affected: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
rhsa-2023_5485
Vulnerability from csaf_redhat
Published
2023-10-06 07:21
Modified
2024-12-17 23:05
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 8
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5485", url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24798", url: "https://issues.redhat.com/browse/JBEAP-24798", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5485.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 8", tracking: { current_release_date: "2024-12-17T23:05:37+00:00", generator: { date: "2024-12-17T23:05:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2023:5485", initial_release_date: "2023-10-06T07:21:50+00:00", revision_history: [ { date: "2023-10-06T07:21:50+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-06T07:21:50+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T23:05:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 8", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el8eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el8eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-client@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-spring@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.8-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-31.Final_redhat_00030.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-31.Final_redhat_00030.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.13-2.SP1_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-all@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.94-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.20-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-core@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-envers@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-java8@5.3.31-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.15-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_id: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-15.redhat_00049.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pg@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_id: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-util@1.76.0-4.redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.13-8.GA_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el8eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el8eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el8eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.94-1.Final_redhat_00001.1.el8eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", }, product_reference: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", product_id: "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", relates_to_product_reference: "8Base-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], known_not_affected: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", ], known_not_affected: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", ], known_not_affected: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T07:21:50+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el8eap.src", "8Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el8eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
rhsa-2024_10207
Vulnerability from csaf_redhat
Published
2024-11-25 00:12
Modified
2024-12-17 23:06
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.11 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.11 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.10, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.11 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.3.z] (CVE-2024-28752)
* h2: Loading of custom classes from remote servers through JNDI [eap-7.3.z] (CVE-2022-23221)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer [eap-7.3.z] (CVE-2022-23307)
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender [eap-7.3.z] (CVE-2022-23305)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender [eap-7.3.z] (CVE-2021-4104)
* CXF: Apache CXF: SSRF Vulnerability [eap-7.3.z] (CVE-2022-46364)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.3.z] (CVE-2023-26464)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.3.z] (CVE-2022-34169)
* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.3.z] (CVE-2023-5685)
* hsqldb: Untrusted input may lead to RCE attack [eap-7.3.z] (CVE-2022-41853)
* server: eap-7: heap exhaustion via deserialization [eap-7.3.z] (CVE-2023-3171)
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.3.z] (CVE-2023-39410)
* undertow: client side invocation timeout raised when calling EJB over HTTP and HTTP2 [eap-7.3.z] (CVE-2021-3859)
* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.3.z] (CVE-2024-47561)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.11 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.10, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.11 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.3.z] (CVE-2024-28752)\n\n* h2: Loading of custom classes from remote servers through JNDI [eap-7.3.z] (CVE-2022-23221)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer [eap-7.3.z] (CVE-2022-23307)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender [eap-7.3.z] (CVE-2022-23305)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender [eap-7.3.z] (CVE-2021-4104)\n\n* CXF: Apache CXF: SSRF Vulnerability [eap-7.3.z] (CVE-2022-46364)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.3.z] (CVE-2023-26464)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.3.z] (CVE-2022-34169)\n\n* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.3.z] (CVE-2023-5685)\n\n* hsqldb: Untrusted input may lead to RCE attack [eap-7.3.z] (CVE-2022-41853)\n\n* server: eap-7: heap exhaustion via deserialization [eap-7.3.z] (CVE-2023-3171)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.3.z] (CVE-2023-39410)\n\n* undertow: client side invocation timeout raised when calling EJB over HTTP and HTTP2 [eap-7.3.z] (CVE-2021-3859)\n\n* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.3.z] (CVE-2024-47561)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10207", url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index", }, { category: "external", summary: "2010378", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010378", }, { category: "external", summary: "2031667", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2031667", }, { category: "external", summary: "2041959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041959", }, { category: "external", summary: "2041967", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041967", }, { category: "external", summary: "2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "JBEAP-23025", url: "https://issues.redhat.com/browse/JBEAP-23025", }, { category: "external", summary: "JBEAP-28084", url: "https://issues.redhat.com/browse/JBEAP-28084", }, { category: "external", summary: "JBEAP-28089", url: "https://issues.redhat.com/browse/JBEAP-28089", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10207.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.11 Security update", tracking: { current_release_date: "2024-12-17T23:06:37+00:00", generator: { date: "2024-12-17T23:06:37+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:10207", initial_release_date: "2024-11-25T00:12:17+00:00", revision_history: [ { date: "2024-11-25T00:12:17+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-25T00:12:17+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T23:06:37+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", product: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", product_id: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.13-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", product: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", product_id: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-8.redhat_00003.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", product: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", product_id: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j@2.3.3-2.redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", product: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", product_id: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xml-security@2.2.3-2.redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", product: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", product_id: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-38.redhat_00015.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", product: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", product_id: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.2.2-2.Final_redhat_00002.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", product: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", product_id: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-3.redhat_00004.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-4.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", product: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", product_id: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-12.Final_redhat_00013.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", product: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", product_id: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.3.11-4.GA_redhat_00002.1.el7eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-rt@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-services@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-tools@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.13-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", product: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", product_id: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-8.redhat_00003.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-bindings@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-policy@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-common@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-dom@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-policy-stax@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-stax@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xml-security@2.2.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", product: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", product_id: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-38.redhat_00015.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", product: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", product_id: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.2.2-2.Final_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", product: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", product_id: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-3.redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-4.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", }, product_reference: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", }, product_reference: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", }, product_reference: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", }, product_reference: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", }, product_reference: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", }, product_reference: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", }, product_reference: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", }, product_reference: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", }, product_reference: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", }, product_reference: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2021-3859", cwe: { id: "CWE-214", name: "Invocation of Process Using Visible Sensitive Information", }, discovery_date: "2021-09-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2010378", }, ], notes: [ { category: "description", text: "A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.", title: "Vulnerability description", }, { category: "summary", text: "undertow: client side invocation timeout raised when calling over HTTP2", title: "Vulnerability summary", }, { category: "other", text: "Red Hat OpenStack Platform's OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3859", }, { category: "external", summary: "RHBZ#2010378", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010378", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3859", url: "https://www.cve.org/CVERecord?id=CVE-2021-3859", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3859", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3859", }, ], release_date: "2022-02-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: client side invocation timeout raised when calling over HTTP2", }, { cve: "CVE-2021-4104", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2021-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2031667", }, ], notes: [ { category: "description", text: "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker's JNDI LDAP endpoint.", title: "Vulnerability description", }, { category: "summary", text: "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", title: "Vulnerability summary", }, { category: "other", text: "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker's JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker's control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-4104", }, { category: "external", summary: "RHBZ#2031667", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2031667", }, { category: "external", summary: "RHSB-2021-009", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-4104", url: "https://www.cve.org/CVERecord?id=CVE-2021-4104", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", }, { category: "external", summary: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", url: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", }, { category: "external", summary: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", url: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", }, { category: "external", summary: "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", url: "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2021/12/13/1", url: "https://www.openwall.com/lists/oss-security/2021/12/13/1", }, ], release_date: "2021-12-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", }, { cve: "CVE-2022-23221", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-01-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2044596", }, ], notes: [ { category: "description", text: "A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script.", title: "Vulnerability description", }, { category: "summary", text: "h2: Loading of custom classes from remote servers through JNDI", title: "Vulnerability summary", }, { category: "other", text: "In OpenShift Container Platform (OCP) the openshift-enterprise-3.11/metrics-hawkular-metrics-container container image ships a vulnerable version of h2 as part of the underlying images, but as it uses standard configuration and Console is not enabled/started by default, therefore the impact by this vulnerability is LOW and will not be fixed as OCP 3.x has already reached End of Full Support.\n\n[1] https://access.redhat.com/support/policy/updates/openshift_noncurrent", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23221", }, { category: "external", summary: "RHBZ#2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23221", url: "https://www.cve.org/CVERecord?id=CVE-2022-23221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", }, { category: "external", summary: "https://github.com/advisories/GHSA-45hx-wfhj-473x", url: "https://github.com/advisories/GHSA-45hx-wfhj-473x", }, ], release_date: "2022-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "h2: Loading of custom classes from remote servers through JNDI", }, { cve: "CVE-2022-23305", cwe: { id: "CWE-89", name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", }, discovery_date: "2022-01-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2041959", }, ], notes: [ { category: "description", text: "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.", title: "Vulnerability description", }, { category: "summary", text: "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender", title: "Vulnerability summary", }, { category: "other", text: "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23305", }, { category: "external", summary: "RHBZ#2041959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041959", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23305", url: "https://www.cve.org/CVERecord?id=CVE-2022-23305", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23305", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23305", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2022/01/18/4", url: "https://www.openwall.com/lists/oss-security/2022/01/18/4", }, ], release_date: "2022-01-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server's jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender", }, { cve: "CVE-2022-23307", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-01-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2041967", }, ], notes: [ { category: "description", text: "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.", title: "Vulnerability description", }, { category: "summary", text: "log4j: Unsafe deserialization flaw in Chainsaw log viewer", title: "Vulnerability summary", }, { category: "other", text: "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23307", }, { category: "external", summary: "RHBZ#2041967", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041967", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23307", url: "https://www.cve.org/CVERecord?id=CVE-2022-23307", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23307", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23307", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2022/01/18/5", url: "https://www.openwall.com/lists/oss-security/2022/01/18/5", }, ], release_date: "2022-01-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j: Unsafe deserialization flaw in Chainsaw log viewer", }, { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2022-41853", cwe: { id: "CWE-470", name: "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", }, discovery_date: "2022-10-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2136141", }, ], notes: [ { category: "description", text: "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.", title: "Vulnerability description", }, { category: "summary", text: "hsqldb: Untrusted input may lead to RCE attack", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-41853", }, { category: "external", summary: "RHBZ#2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-41853", url: "https://www.cve.org/CVERecord?id=CVE-2022-41853", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", }, { category: "external", summary: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", url: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", }, { category: "external", summary: "https://github.com/advisories/GHSA-77xx-rxvh-q682", url: "https://github.com/advisories/GHSA-77xx-rxvh-q682", }, ], release_date: "2022-10-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "hsqldb: Untrusted input may lead to RCE attack", }, { cve: "CVE-2022-46364", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2022-12-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2155682", }, ], notes: [ { category: "description", text: "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", title: "Vulnerability description", }, { category: "summary", text: "CXF: SSRF Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-46364", }, { category: "external", summary: "RHBZ#2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-46364", url: "https://www.cve.org/CVERecord?id=CVE-2022-46364", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", url: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", }, ], release_date: "2022-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "CXF: SSRF Vulnerability", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-5685", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-10-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2241822", }, ], notes: [ { category: "description", text: "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-5685", }, { category: "external", summary: "RHBZ#2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-5685", url: "https://www.cve.org/CVERecord?id=CVE-2023-5685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", }, ], release_date: "2024-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-39410", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2023-10-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2242521", }, ], notes: [ { category: "description", text: "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-39410", }, { category: "external", summary: "RHBZ#2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-39410", url: "https://www.cve.org/CVERecord?id=CVE-2023-39410", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", }, { category: "external", summary: "https://issues.apache.org/jira/browse/AVRO-3819", url: "https://issues.apache.org/jira/browse/AVRO-3819", }, ], release_date: "2023-09-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", }, { cve: "CVE-2024-28752", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-03-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270732", }, ], notes: [ { category: "description", text: "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.", title: "Vulnerability description", }, { category: "summary", text: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-28752", }, { category: "external", summary: "RHBZ#2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-28752", url: "https://www.cve.org/CVERecord?id=CVE-2024-28752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", url: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", }, { category: "external", summary: "https://github.com/advisories/GHSA-qmgx-j96g-4428", url: "https://github.com/advisories/GHSA-qmgx-j96g-4428", }, ], release_date: "2024-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2024-10-02T14:04:06.018000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2316116", }, ], notes: [ { category: "description", text: "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47561", }, { category: "external", summary: "RHBZ#2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47561", url: "https://www.cve.org/CVERecord?id=CVE-2024-47561", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", }, ], release_date: "2024-10-03T12:20:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", }, ], }
rhsa-2024_10208
Vulnerability from csaf_redhat
Published
2024-11-25 00:12
Modified
2024-12-17 23:06
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.8 on RHEL 7 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.1.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.1.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible [eap-7.1.z] (CVE-2020-28052)
* hsqldb: Untrusted input may lead to RCE attack [eap-7.1.z] (CVE-2022-41853)
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.1.z] (CVE-2024-28752)
* h2: Loading of custom classes from remote servers through JNDI [eap-7.1.z] (CVE-2022-23221)
* CXF: Apache CXF: SSRF Vulnerability [eap-7.1.z] (CVE-2022-46364)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.1.z] (CVE-2022-34169)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.1.z] (CVE-2023-26464)
* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.1.z] (CVE-2023-5685)
* server: eap-7: heap exhaustion via deserialization [eap-7.1.z] (CVE-2023-3171)
* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling [eap-7.1.z] (CVE-2020-7238)
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.1.z] (CVE-2023-39410)
* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.1.z] (CVE-2024-47561)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.1.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.1.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible [eap-7.1.z] (CVE-2020-28052)\n\n* hsqldb: Untrusted input may lead to RCE attack [eap-7.1.z] (CVE-2022-41853)\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.1.z] (CVE-2024-28752)\n\n* h2: Loading of custom classes from remote servers through JNDI [eap-7.1.z] (CVE-2022-23221)\n\n* CXF: Apache CXF: SSRF Vulnerability [eap-7.1.z] (CVE-2022-46364)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.1.z] (CVE-2022-34169)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.1.z] (CVE-2023-26464)\n\n* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.1.z] (CVE-2023-5685)\n\n* server: eap-7: heap exhaustion via deserialization [eap-7.1.z] (CVE-2023-3171)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling [eap-7.1.z] (CVE-2020-7238)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.1.z] (CVE-2023-39410)\n\n* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.1.z] (CVE-2024-47561)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10208", url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index", }, { category: "external", summary: "1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "1912881", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1912881", }, { category: "external", summary: "2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "JBEAP-27708", url: "https://issues.redhat.com/browse/JBEAP-27708", }, { category: "external", summary: "JBEAP-28086", url: "https://issues.redhat.com/browse/JBEAP-28086", }, { category: "external", summary: "JBEAP-28130", url: "https://issues.redhat.com/browse/JBEAP-28130", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10208.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.8 on RHEL 7 security update", tracking: { current_release_date: "2024-12-17T23:06:48+00:00", generator: { date: "2024-12-17T23:06:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2024:10208", initial_release_date: "2024-11-25T00:12:13+00:00", revision_history: [ { date: "2024-11-25T00:12:13+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-25T00:12:13+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T23:06:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", product: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", product_id: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-1.SP1_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", product: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", product_id: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.5.10-1.Final_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", product: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", product_id: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-2.redhat_00003.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", product: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", product_id: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-26.redhat_00015.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", product: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", product_id: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", product: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", product_id: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00005.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", product: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", product_id: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00005.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", product: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", product_id: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.1.8-2.GA_redhat_00002.1.ep7.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-1.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.5.10-1.Final_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", product: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", product_id: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-2.redhat_00003.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", product: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", product_id: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-26.redhat_00015.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-rt@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-services@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-tools@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.15-1.Final_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_id: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.1.8-2.GA_redhat_00002.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product: { name: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_id: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.1.8-2.GA_redhat_00002.1.ep7.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", }, product_reference: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", }, product_reference: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", }, product_reference: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", }, product_reference: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", }, product_reference: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", }, product_reference: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", }, product_reference: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", }, product_reference: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", }, product_reference: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2020-7238", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796225", }, ], notes: [ { category: "description", text: "A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling.", title: "Vulnerability description", }, { category: "summary", text: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-7238", }, { category: "external", summary: "RHBZ#1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-7238", url: "https://www.cve.org/CVERecord?id=CVE-2020-7238", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", }, { category: "external", summary: "https://netty.io/news/2019/12/18/4-1-44-Final.html", url: "https://netty.io/news/2019/12/18/4-1-44-Final.html", }, ], release_date: "2020-01-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", }, { cve: "CVE-2020-28052", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2021-01-05T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1912881", }, ], notes: [ { category: "description", text: "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", ], known_not_affected: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-28052", }, { category: "external", summary: "RHBZ#1912881", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1912881", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-28052", url: "https://www.cve.org/CVERecord?id=CVE-2020-28052", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-28052", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-28052", }, ], release_date: "2020-12-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible", }, { cve: "CVE-2022-23221", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-01-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2044596", }, ], notes: [ { category: "description", text: "A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script.", title: "Vulnerability description", }, { category: "summary", text: "h2: Loading of custom classes from remote servers through JNDI", title: "Vulnerability summary", }, { category: "other", text: "In OpenShift Container Platform (OCP) the openshift-enterprise-3.11/metrics-hawkular-metrics-container container image ships a vulnerable version of h2 as part of the underlying images, but as it uses standard configuration and Console is not enabled/started by default, therefore the impact by this vulnerability is LOW and will not be fixed as OCP 3.x has already reached End of Full Support.\n\n[1] https://access.redhat.com/support/policy/updates/openshift_noncurrent", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", ], known_not_affected: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23221", }, { category: "external", summary: "RHBZ#2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23221", url: "https://www.cve.org/CVERecord?id=CVE-2022-23221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", }, { category: "external", summary: "https://github.com/advisories/GHSA-45hx-wfhj-473x", url: "https://github.com/advisories/GHSA-45hx-wfhj-473x", }, ], release_date: "2022-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "h2: Loading of custom classes from remote servers through JNDI", }, { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2022-41853", cwe: { id: "CWE-470", name: "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", }, discovery_date: "2022-10-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2136141", }, ], notes: [ { category: "description", text: "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.", title: "Vulnerability description", }, { category: "summary", text: "hsqldb: Untrusted input may lead to RCE attack", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-41853", }, { category: "external", summary: "RHBZ#2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-41853", url: "https://www.cve.org/CVERecord?id=CVE-2022-41853", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", }, { category: "external", summary: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", url: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", }, { category: "external", summary: "https://github.com/advisories/GHSA-77xx-rxvh-q682", url: "https://github.com/advisories/GHSA-77xx-rxvh-q682", }, ], release_date: "2022-10-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "hsqldb: Untrusted input may lead to RCE attack", }, { cve: "CVE-2022-46364", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2022-12-21T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2155682", }, ], notes: [ { category: "description", text: "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", title: "Vulnerability description", }, { category: "summary", text: "CXF: SSRF Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", ], known_not_affected: [ "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-46364", }, { category: "external", summary: "RHBZ#2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-46364", url: "https://www.cve.org/CVERecord?id=CVE-2022-46364", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", url: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", }, ], release_date: "2022-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "CXF: SSRF Vulnerability", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-5685", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-10-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2241822", }, ], notes: [ { category: "description", text: "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-5685", }, { category: "external", summary: "RHBZ#2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-5685", url: "https://www.cve.org/CVERecord?id=CVE-2023-5685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", }, ], release_date: "2024-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-39410", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2023-10-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2242521", }, ], notes: [ { category: "description", text: "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-39410", }, { category: "external", summary: "RHBZ#2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-39410", url: "https://www.cve.org/CVERecord?id=CVE-2023-39410", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", }, { category: "external", summary: "https://issues.apache.org/jira/browse/AVRO-3819", url: "https://issues.apache.org/jira/browse/AVRO-3819", }, ], release_date: "2023-09-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", }, { cve: "CVE-2024-28752", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-03-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270732", }, ], notes: [ { category: "description", text: "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.", title: "Vulnerability description", }, { category: "summary", text: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-28752", }, { category: "external", summary: "RHBZ#2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-28752", url: "https://www.cve.org/CVERecord?id=CVE-2024-28752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", url: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", }, { category: "external", summary: "https://github.com/advisories/GHSA-qmgx-j96g-4428", url: "https://github.com/advisories/GHSA-qmgx-j96g-4428", }, ], release_date: "2024-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2024-10-02T14:04:06.018000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2316116", }, ], notes: [ { category: "description", text: "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47561", }, { category: "external", summary: "RHBZ#2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47561", url: "https://www.cve.org/CVERecord?id=CVE-2024-47561", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", }, ], release_date: "2024-10-03T12:20:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", }, ], }
rhsa-2023_5486
Vulnerability from csaf_redhat
Published
2023-10-06 03:41
Modified
2024-12-17 23:05
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 9
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5486", url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24799", url: "https://issues.redhat.com/browse/JBEAP-24799", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5486.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 9", tracking: { current_release_date: "2024-12-17T23:05:26+00:00", generator: { date: "2024-12-17T23:05:26+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.3", }, }, id: "RHSA-2023:5486", initial_release_date: "2023-10-06T03:41:07+00:00", revision_history: [ { date: "2023-10-06T03:41:07+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-06T03:41:07+00:00", number: "2", summary: "Last updated version", }, { date: "2024-12-17T23:05:26+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 9", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el9eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.20-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-31.Final_redhat_00030.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-31.Final_redhat_00030.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.94-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.13-2.SP1_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.15-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_id: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-15.redhat_00049.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pg@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_id: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-util@1.76.0-4.redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.13-8.GA_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-client@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-spring@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.8-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-core@5.3.31-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_id: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-envers@5.3.31-1.Final_redhat_00001.1.el9eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el9eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.94-1.Final_redhat_00001.1.el9eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", }, product_reference: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", product_id: "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", relates_to_product_reference: "9Base-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], known_not_affected: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", ], known_not_affected: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", ], known_not_affected: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-06T03:41:07+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el9eap.src", "9Base-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el9eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
rhsa-2024:10208
Vulnerability from csaf_redhat
Published
2024-11-25 00:12
Modified
2025-03-19 10:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.8 on RHEL 7 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.1.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.1.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible [eap-7.1.z] (CVE-2020-28052)
* hsqldb: Untrusted input may lead to RCE attack [eap-7.1.z] (CVE-2022-41853)
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.1.z] (CVE-2024-28752)
* h2: Loading of custom classes from remote servers through JNDI [eap-7.1.z] (CVE-2022-23221)
* CXF: Apache CXF: SSRF Vulnerability [eap-7.1.z] (CVE-2022-46364)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.1.z] (CVE-2022-34169)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.1.z] (CVE-2023-26464)
* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.1.z] (CVE-2023-5685)
* server: eap-7: heap exhaustion via deserialization [eap-7.1.z] (CVE-2023-3171)
* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling [eap-7.1.z] (CVE-2020-7238)
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.1.z] (CVE-2023-39410)
* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.1.z] (CVE-2024-47561)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.1.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.1.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible [eap-7.1.z] (CVE-2020-28052)\n\n* hsqldb: Untrusted input may lead to RCE attack [eap-7.1.z] (CVE-2022-41853)\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.1.z] (CVE-2024-28752)\n\n* h2: Loading of custom classes from remote servers through JNDI [eap-7.1.z] (CVE-2022-23221)\n\n* CXF: Apache CXF: SSRF Vulnerability [eap-7.1.z] (CVE-2022-46364)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.1.z] (CVE-2022-34169)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.1.z] (CVE-2023-26464)\n\n* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.1.z] (CVE-2023-5685)\n\n* server: eap-7: heap exhaustion via deserialization [eap-7.1.z] (CVE-2023-3171)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling [eap-7.1.z] (CVE-2020-7238)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.1.z] (CVE-2023-39410)\n\n* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.1.z] (CVE-2024-47561)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10208", url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index", }, { category: "external", summary: "1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "1912881", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1912881", }, { category: "external", summary: "2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "JBEAP-27708", url: "https://issues.redhat.com/browse/JBEAP-27708", }, { category: "external", summary: "JBEAP-28086", url: "https://issues.redhat.com/browse/JBEAP-28086", }, { category: "external", summary: "JBEAP-28130", url: "https://issues.redhat.com/browse/JBEAP-28130", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10208.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.8 on RHEL 7 security update", tracking: { current_release_date: "2025-03-19T10:23:56+00:00", generator: { date: "2025-03-19T10:23:56+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2024:10208", initial_release_date: "2024-11-25T00:12:13+00:00", revision_history: [ { date: "2024-11-25T00:12:13+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-25T00:12:13+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T10:23:56+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", product: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", product_id: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-1.SP1_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", product: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", product_id: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.5.10-1.Final_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", product: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", product_id: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-2.redhat_00003.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", product: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", product_id: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-26.redhat_00015.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", product: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", product_id: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", product: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", product_id: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00005.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", product: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", product_id: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00005.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", product: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", product_id: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.1.8-2.GA_redhat_00002.1.ep7.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-1.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.5.10-1.Final_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", product: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", product_id: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-2.redhat_00003.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", product: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", product_id: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-26.redhat_00015.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-rt@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-services@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-tools@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.15-1.Final_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_id: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.1.8-2.GA_redhat_00002.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product: { name: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_id: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.1.8-2.GA_redhat_00002.1.ep7.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", }, product_reference: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", }, product_reference: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", }, product_reference: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", }, product_reference: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", }, product_reference: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", }, product_reference: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", }, product_reference: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", }, product_reference: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", }, product_reference: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2020-7238", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796225", }, ], notes: [ { category: "description", text: "A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling.", title: "Vulnerability description", }, { category: "summary", text: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-7238", }, { category: "external", summary: "RHBZ#1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-7238", url: "https://www.cve.org/CVERecord?id=CVE-2020-7238", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", }, { category: "external", summary: "https://netty.io/news/2019/12/18/4-1-44-Final.html", url: "https://netty.io/news/2019/12/18/4-1-44-Final.html", }, ], release_date: "2020-01-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", }, { cve: "CVE-2020-28052", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2021-01-05T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1912881", }, ], notes: [ { category: "description", text: "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", ], known_not_affected: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-28052", }, { category: "external", summary: "RHBZ#1912881", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1912881", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-28052", url: "https://www.cve.org/CVERecord?id=CVE-2020-28052", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-28052", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-28052", }, ], release_date: "2020-12-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible", }, { cve: "CVE-2022-23221", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-01-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2044596", }, ], notes: [ { category: "description", text: "A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script.", title: "Vulnerability description", }, { category: "summary", text: "h2: Loading of custom classes from remote servers through JNDI", title: "Vulnerability summary", }, { category: "other", text: "In OpenShift Container Platform (OCP) the openshift-enterprise-3.11/metrics-hawkular-metrics-container container image ships a vulnerable version of h2 as part of the underlying images, but as it uses standard configuration and Console is not enabled/started by default, therefore the impact by this vulnerability is LOW and will not be fixed as OCP 3.x has already reached End of Full Support.\n\n[1] https://access.redhat.com/support/policy/updates/openshift_noncurrent", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", ], known_not_affected: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23221", }, { category: "external", summary: "RHBZ#2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23221", url: "https://www.cve.org/CVERecord?id=CVE-2022-23221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", }, { category: "external", summary: "https://github.com/advisories/GHSA-45hx-wfhj-473x", url: "https://github.com/advisories/GHSA-45hx-wfhj-473x", }, ], release_date: "2022-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "h2: Loading of custom classes from remote servers through JNDI", }, { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2022-41853", cwe: { id: "CWE-470", name: "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", }, discovery_date: "2022-10-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2136141", }, ], notes: [ { category: "description", text: "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.", title: "Vulnerability description", }, { category: "summary", text: "hsqldb: Untrusted input may lead to RCE attack", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-41853", }, { category: "external", summary: "RHBZ#2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-41853", url: "https://www.cve.org/CVERecord?id=CVE-2022-41853", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", }, { category: "external", summary: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", url: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", }, { category: "external", summary: "https://github.com/advisories/GHSA-77xx-rxvh-q682", url: "https://github.com/advisories/GHSA-77xx-rxvh-q682", }, ], release_date: "2022-10-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "hsqldb: Untrusted input may lead to RCE attack", }, { cve: "CVE-2022-46364", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2022-12-21T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2155682", }, ], notes: [ { category: "description", text: "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", title: "Vulnerability description", }, { category: "summary", text: "CXF: SSRF Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", ], known_not_affected: [ "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-46364", }, { category: "external", summary: "RHBZ#2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-46364", url: "https://www.cve.org/CVERecord?id=CVE-2022-46364", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", url: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", }, ], release_date: "2022-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "CXF: SSRF Vulnerability", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-5685", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-10-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2241822", }, ], notes: [ { category: "description", text: "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-5685", }, { category: "external", summary: "RHBZ#2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-5685", url: "https://www.cve.org/CVERecord?id=CVE-2023-5685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", }, ], release_date: "2024-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-39410", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2023-10-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2242521", }, ], notes: [ { category: "description", text: "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-39410", }, { category: "external", summary: "RHBZ#2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-39410", url: "https://www.cve.org/CVERecord?id=CVE-2023-39410", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", }, { category: "external", summary: "https://issues.apache.org/jira/browse/AVRO-3819", url: "https://issues.apache.org/jira/browse/AVRO-3819", }, ], release_date: "2023-09-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", }, { cve: "CVE-2024-28752", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-03-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270732", }, ], notes: [ { category: "description", text: "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.", title: "Vulnerability description", }, { category: "summary", text: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-28752", }, { category: "external", summary: "RHBZ#2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-28752", url: "https://www.cve.org/CVERecord?id=CVE-2024-28752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", url: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", }, { category: "external", summary: "https://github.com/advisories/GHSA-qmgx-j96g-4428", url: "https://github.com/advisories/GHSA-qmgx-j96g-4428", }, ], release_date: "2024-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2024-10-02T14:04:06.018000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2316116", }, ], notes: [ { category: "description", text: "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47561", }, { category: "external", summary: "RHBZ#2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47561", url: "https://www.cve.org/CVERecord?id=CVE-2024-47561", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", }, ], release_date: "2024-10-03T12:20:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", }, ], }
RHSA-2024:10207
Vulnerability from csaf_redhat
Published
2024-11-25 00:12
Modified
2025-03-19 10:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.11 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.11 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.10, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.11 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.3.z] (CVE-2024-28752)
* h2: Loading of custom classes from remote servers through JNDI [eap-7.3.z] (CVE-2022-23221)
* log4j: Unsafe deserialization flaw in Chainsaw log viewer [eap-7.3.z] (CVE-2022-23307)
* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender [eap-7.3.z] (CVE-2022-23305)
* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender [eap-7.3.z] (CVE-2021-4104)
* CXF: Apache CXF: SSRF Vulnerability [eap-7.3.z] (CVE-2022-46364)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.3.z] (CVE-2023-26464)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.3.z] (CVE-2022-34169)
* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.3.z] (CVE-2023-5685)
* hsqldb: Untrusted input may lead to RCE attack [eap-7.3.z] (CVE-2022-41853)
* server: eap-7: heap exhaustion via deserialization [eap-7.3.z] (CVE-2023-3171)
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.3.z] (CVE-2023-39410)
* undertow: client side invocation timeout raised when calling EJB over HTTP and HTTP2 [eap-7.3.z] (CVE-2021-3859)
* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.3.z] (CVE-2024-47561)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.11 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.10, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.11 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.3.z] (CVE-2024-28752)\n\n* h2: Loading of custom classes from remote servers through JNDI [eap-7.3.z] (CVE-2022-23221)\n\n* log4j: Unsafe deserialization flaw in Chainsaw log viewer [eap-7.3.z] (CVE-2022-23307)\n\n* log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender [eap-7.3.z] (CVE-2022-23305)\n\n* log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender [eap-7.3.z] (CVE-2021-4104)\n\n* CXF: Apache CXF: SSRF Vulnerability [eap-7.3.z] (CVE-2022-46364)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.3.z] (CVE-2023-26464)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.3.z] (CVE-2022-34169)\n\n* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.3.z] (CVE-2023-5685)\n\n* hsqldb: Untrusted input may lead to RCE attack [eap-7.3.z] (CVE-2022-41853)\n\n* server: eap-7: heap exhaustion via deserialization [eap-7.3.z] (CVE-2023-3171)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.3.z] (CVE-2023-39410)\n\n* undertow: client side invocation timeout raised when calling EJB over HTTP and HTTP2 [eap-7.3.z] (CVE-2021-3859)\n\n* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.3.z] (CVE-2024-47561)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10207", url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.3/html-single/installation_guide/index", }, { category: "external", summary: "2010378", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010378", }, { category: "external", summary: "2031667", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2031667", }, { category: "external", summary: "2041959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041959", }, { category: "external", summary: "2041967", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041967", }, { category: "external", summary: "2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "JBEAP-23025", url: "https://issues.redhat.com/browse/JBEAP-23025", }, { category: "external", summary: "JBEAP-28084", url: "https://issues.redhat.com/browse/JBEAP-28084", }, { category: "external", summary: "JBEAP-28089", url: "https://issues.redhat.com/browse/JBEAP-28089", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10207.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.11 Security update", tracking: { current_release_date: "2025-03-19T10:23:44+00:00", generator: { date: "2025-03-19T10:23:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2024:10207", initial_release_date: "2024-11-25T00:12:17+00:00", revision_history: [ { date: "2024-11-25T00:12:17+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-25T00:12:17+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T10:23:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", product: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", product_id: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.13-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", product: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", product_id: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-8.redhat_00003.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", product: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", product_id: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j@2.3.3-2.redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", product: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", product_id: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xml-security@2.2.3-2.redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", product: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", product_id: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-38.redhat_00015.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", product: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", product_id: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.2.2-2.Final_redhat_00002.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", product: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", product_id: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-3.redhat_00004.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-4.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", product: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", product_id: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-12.Final_redhat_00013.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", product: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", product_id: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.3.11-4.GA_redhat_00002.1.el7eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-rt@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-services@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-tools@3.4.10-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.7.13-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", product: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", product_id: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-8.redhat_00003.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-bindings@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-policy@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-common@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-dom@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-policy-stax@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wss4j-ws-security-stax@2.3.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", product: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", product_id: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xml-security@2.2.3-2.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", product: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", product_id: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-38.redhat_00015.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", product: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", product_id: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-log4j-jboss-logmanager@1.2.2-2.Final_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", product: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", product_id: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-3.redhat_00004.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-annotations-api_1.3_spec@2.0.1-4.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.3@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2-to-eap7.3@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.3-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly14.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly15.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly16.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly17.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly18.0-server@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.7.2-12.Final_redhat_00013.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product: { name: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_id: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.3.11-4.GA_redhat_00002.1.el7eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", }, product_reference: "eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", }, product_reference: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", }, product_reference: "eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", }, product_reference: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", }, product_reference: "eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", }, product_reference: "eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", }, product_reference: "eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", }, product_reference: "eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", }, product_reference: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", }, product_reference: "eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src as a component of Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", }, product_reference: "eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.3-EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2021-3859", cwe: { id: "CWE-214", name: "Invocation of Process Using Visible Sensitive Information", }, discovery_date: "2021-09-05T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2010378", }, ], notes: [ { category: "description", text: "A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.", title: "Vulnerability description", }, { category: "summary", text: "undertow: client side invocation timeout raised when calling over HTTP2", title: "Vulnerability summary", }, { category: "other", text: "Red Hat OpenStack Platform's OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-3859", }, { category: "external", summary: "RHBZ#2010378", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2010378", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-3859", url: "https://www.cve.org/CVERecord?id=CVE-2021-3859", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-3859", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-3859", }, ], release_date: "2022-02-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "undertow: client side invocation timeout raised when calling over HTTP2", }, { cve: "CVE-2021-4104", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2021-12-13T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2031667", }, ], notes: [ { category: "description", text: "A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSAppender in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if the deployed application is configured to use JMSAppender and to the attacker's JNDI LDAP endpoint.", title: "Vulnerability description", }, { category: "summary", text: "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", title: "Vulnerability summary", }, { category: "other", text: "Based on the conditions to be exploitable (see details below), the risk is much lower than Log4j 2.x and Red Hat has assessed this to be Moderate severity. This flaw has been filed for Log4j 1.x, and the corresponding flaw information for Log4j 2.x is available at: https://access.redhat.com/security/cve/CVE-2021-44228\n\nNote this flaw ONLY affects applications which are specifically configured to use JMSAppender, which is not the default, or when the attacker has write access to the Log4j configuration for adding JMSAppender to the attacker's JNDI LDAP endpoint. \n\nIf the Log4j configuration is set TopicBindingName or TopicConnectionFactoryBindingName configurations allowing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228 Log4j 2.x, Log4j 1.x is vulnerable. However, the attack vector is reduced as it depends on having write access, which is not a standard configuration rather than untrusted user input. These are sufficient factors beyond the attacker's control.\n\nThe tomcat package shipped with Red Hat Enterprise Linux does not include log4j but it does include a default configuration for log4j, log4j.properties, which could be used with tomcat if users choose to install and configure the library. The JMSAppender is not enabled by default, and the permissions of the file can only be modified as root.\n\nRed Hat Virtualization ships log4j12-1.2.17, but it is used and configured in a way which makes this flaw not possible to exploit. Therefore impact is rated Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2021-4104", }, { category: "external", summary: "RHBZ#2031667", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2031667", }, { category: "external", summary: "RHSB-2021-009", url: "https://access.redhat.com/security/vulnerabilities/RHSB-2021-009", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2021-4104", url: "https://www.cve.org/CVERecord?id=CVE-2021-4104", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", url: "https://nvd.nist.gov/vuln/detail/CVE-2021-4104", }, { category: "external", summary: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", url: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126", }, { category: "external", summary: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", url: "https://github.com/apache/logging-log4j2/pull/608#issuecomment-991723301", }, { category: "external", summary: "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", url: "https://lists.apache.org/thread/0x4zvtq92yggdgvwfgsftqrj4xx5w0nx", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2021/12/13/1", url: "https://www.openwall.com/lists/oss-security/2021/12/13/1", }, ], release_date: "2021-12-10T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JMSAppender in the Log4j configuration if it is used\n- Remove the JMSAppender class from the classpath. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/net/JMSAppender.class\n```\n- Restrict access for the OS user on the platform running the application to prevent modifying the Log4j configuration by the attacker.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender", }, { cve: "CVE-2022-23221", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-01-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2044596", }, ], notes: [ { category: "description", text: "A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script.", title: "Vulnerability description", }, { category: "summary", text: "h2: Loading of custom classes from remote servers through JNDI", title: "Vulnerability summary", }, { category: "other", text: "In OpenShift Container Platform (OCP) the openshift-enterprise-3.11/metrics-hawkular-metrics-container container image ships a vulnerable version of h2 as part of the underlying images, but as it uses standard configuration and Console is not enabled/started by default, therefore the impact by this vulnerability is LOW and will not be fixed as OCP 3.x has already reached End of Full Support.\n\n[1] https://access.redhat.com/support/policy/updates/openshift_noncurrent", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23221", }, { category: "external", summary: "RHBZ#2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23221", url: "https://www.cve.org/CVERecord?id=CVE-2022-23221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", }, { category: "external", summary: "https://github.com/advisories/GHSA-45hx-wfhj-473x", url: "https://github.com/advisories/GHSA-45hx-wfhj-473x", }, ], release_date: "2022-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "h2: Loading of custom classes from remote servers through JNDI", }, { cve: "CVE-2022-23305", cwe: { id: "CWE-89", name: "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", }, discovery_date: "2022-01-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2041959", }, ], notes: [ { category: "description", text: "A flaw was found in the Java logging library Apache Log4j in version 1.x. JDBCAppender in Log4j 1.x is vulnerable to SQL injection in untrusted data. This allows a remote attacker to run SQL statements in the database if the deployed application is configured to use JDBCAppender with certain interpolation tokens.", title: "Vulnerability description", }, { category: "summary", text: "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender", title: "Vulnerability summary", }, { category: "other", text: "Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization and OpenShift Container Platform in the OCP Metering stack (the Hive/Presto/Hadoop components) ship a vulnerable version of the log4j package, however JDBCAppender is not used. Therefore the impact of this vulnerability for these products is rated Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23305", }, { category: "external", summary: "RHBZ#2041959", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041959", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23305", url: "https://www.cve.org/CVERecord?id=CVE-2022-23305", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23305", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23305", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2022/01/18/4", url: "https://www.openwall.com/lists/oss-security/2022/01/18/4", }, ], release_date: "2022-01-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "These are the possible mitigations for this flaw for releases version 1.x:\n\n- Comment out or remove JDBCAppender in the Log4j configuration if it is used\n- Remove the JDBCAppender class from the server's jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/jdbc/JDBCAppender.class\n```", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender", }, { cve: "CVE-2022-23307", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-01-18T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2041967", }, ], notes: [ { category: "description", text: "A flaw was found in the log4j 1.x chainsaw component, where the contents of certain log entries are deserialized and possibly permit code execution. This flaw allows an attacker to send a malicious request with serialized data to the server to be deserialized when the chainsaw component is run.", title: "Vulnerability description", }, { category: "summary", text: "log4j: Unsafe deserialization flaw in Chainsaw log viewer", title: "Vulnerability summary", }, { category: "other", text: "Chainsaw is a standalone graphical user interface for viewing log entries in log4j. This flaw may be bypassed by using other available means to access log entries.\n\nRed Hat Satellite bundles log4j-over-slf4j with Candlepin, however, product is not affected as it uses logback framework for logging.\n\nRed Hat Virtualization ships a vulnerable version of the log4j package, however chainsaw is not part of typical use cases. An attacker looking to exploit this would need to not only be able to generate a malicious log entry, but also have the necessary access and permissions to start chainsaw on the engine node. Therefore the impact of this vulnerability for Red Hat Virtualization is rated Low.\n\nSimilar to Red Hat Virtualization in OpenShift Container Platform (OCP), the Hive/Presto/Hadoop components that comprise the OCP Metering stack, ship the vulnerable version of log4j package, however vulnerable chainsaw component is not used by default. Therefore the impact to OCP is reduced to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23307", }, { category: "external", summary: "RHBZ#2041967", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2041967", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23307", url: "https://www.cve.org/CVERecord?id=CVE-2022-23307", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23307", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23307", }, { category: "external", summary: "https://www.openwall.com/lists/oss-security/2022/01/18/5", url: "https://www.openwall.com/lists/oss-security/2022/01/18/5", }, ], release_date: "2022-01-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "These are the mitigations available for this flaw for log4j 1.x:\n- Avoid using Chainsaw to view logs, and instead use some other utility, especially if there is a log view available within the product itself.\n- Remove the Chainsaw classes from the log4j jar files. For example:\n```\nzip -q -d log4j-*.jar org/apache/log4j/chainsaw/*\n```\n(log4j jars may be nested in zip archives within product)", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j: Unsafe deserialization flaw in Chainsaw log viewer", }, { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2022-41853", cwe: { id: "CWE-470", name: "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", }, discovery_date: "2022-10-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2136141", }, ], notes: [ { category: "description", text: "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.", title: "Vulnerability description", }, { category: "summary", text: "hsqldb: Untrusted input may lead to RCE attack", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-41853", }, { category: "external", summary: "RHBZ#2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-41853", url: "https://www.cve.org/CVERecord?id=CVE-2022-41853", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", }, { category: "external", summary: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", url: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", }, { category: "external", summary: "https://github.com/advisories/GHSA-77xx-rxvh-q682", url: "https://github.com/advisories/GHSA-77xx-rxvh-q682", }, ], release_date: "2022-10-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "hsqldb: Untrusted input may lead to RCE attack", }, { cve: "CVE-2022-46364", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2022-12-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2155682", }, ], notes: [ { category: "description", text: "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", title: "Vulnerability description", }, { category: "summary", text: "CXF: SSRF Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-46364", }, { category: "external", summary: "RHBZ#2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-46364", url: "https://www.cve.org/CVERecord?id=CVE-2022-46364", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", url: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", }, ], release_date: "2022-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "CXF: SSRF Vulnerability", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-5685", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-10-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2241822", }, ], notes: [ { category: "description", text: "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-5685", }, { category: "external", summary: "RHBZ#2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-5685", url: "https://www.cve.org/CVERecord?id=CVE-2023-5685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", }, ], release_date: "2024-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-39410", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2023-10-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2242521", }, ], notes: [ { category: "description", text: "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-39410", }, { category: "external", summary: "RHBZ#2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-39410", url: "https://www.cve.org/CVERecord?id=CVE-2023-39410", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", }, { category: "external", summary: "https://issues.apache.org/jira/browse/AVRO-3819", url: "https://issues.apache.org/jira/browse/AVRO-3819", }, ], release_date: "2023-09-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", }, { cve: "CVE-2024-28752", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-03-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270732", }, ], notes: [ { category: "description", text: "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.", title: "Vulnerability description", }, { category: "summary", text: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-28752", }, { category: "external", summary: "RHBZ#2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-28752", url: "https://www.cve.org/CVERecord?id=CVE-2024-28752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", url: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", }, { category: "external", summary: "https://github.com/advisories/GHSA-qmgx-j96g-4428", url: "https://github.com/advisories/GHSA-qmgx-j96g-4428", }, ], release_date: "2024-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2024-10-02T14:04:06.018000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2316116", }, ], notes: [ { category: "description", text: "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47561", }, { category: "external", summary: "RHBZ#2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47561", url: "https://www.cve.org/CVERecord?id=CVE-2024-47561", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", }, ], release_date: "2024-10-03T12:20:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:17+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10207", }, { category: "workaround", details: "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", product_ids: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-0:3.4.10-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-rt-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-services-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-apache-cxf-tools-0:3.4.10-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-avro-0:1.7.6-8.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-h2database-0:1.4.197-3.redhat_00004.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-annotations-api_1.3_spec-0:2.0.1-4.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-0:1.7.2-12.Final_redhat_00013.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-cli-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-core-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap6.4-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.2-to-eap7.3-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-eap7.3-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly10.1-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly11.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly12.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly13.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly14.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly15.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly16.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly17.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly18.0-server-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly8.2-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-server-migration-wildfly9.0-0:1.7.2-12.Final_redhat_00013.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-jboss-xnio-base-0:3.7.13-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-log4j-jboss-logmanager-0:1.2.2-2.Final_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-0:7.3.11-4.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk11-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-java-jdk8-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-javadocs-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wildfly-modules-0:7.3.11-4.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-0:2.3.3-2.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-wss4j-bindings-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-policy-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-common-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-dom-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-policy-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-wss4j-ws-security-stax-0:2.3.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xalan-j2-0:2.7.1-38.redhat_00015.1.el7eap.src", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.3-EUS:eap7-xml-security-0:2.2.3-2.redhat_00001.1.el7eap.src", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", }, ], }
rhsa-2023:5484
Vulnerability from csaf_redhat
Published
2023-10-05 20:23
Modified
2025-03-24 12:03
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 7
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5484", url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24797", url: "https://issues.redhat.com/browse/JBEAP-24797", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5484.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 7", tracking: { current_release_date: "2025-03-24T12:03:23+00:00", generator: { date: "2025-03-24T12:03:23+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2023:5484", initial_release_date: "2023-10-05T20:23:52+00:00", revision_history: [ { date: "2023-10-05T20:23:52+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-05T20:23:52+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-24T12:03:23+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 7 Server", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el7eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.20-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.13-2.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-all@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-client@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-spring@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-31.Final_redhat_00030.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-31.Final_redhat_00030.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-core@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-envers@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-java8@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pg@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-util@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el7eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.94-1.Final_redhat_00001.1.el7eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], known_not_affected: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", ], known_not_affected: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", ], known_not_affected: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
RHSA-2023:5484
Vulnerability from csaf_redhat
Published
2023-10-05 20:23
Modified
2025-03-24 12:03
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 7
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5484", url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24797", url: "https://issues.redhat.com/browse/JBEAP-24797", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5484.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update on RHEL 7", tracking: { current_release_date: "2025-03-24T12:03:23+00:00", generator: { date: "2025-03-24T12:03:23+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2023:5484", initial_release_date: "2023-10-05T20:23:52+00:00", revision_history: [ { date: "2023-10-05T20:23:52+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-05T20:23:52+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-24T12:03:23+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss EAP 7.4 for RHEL 7 Server", product: { name: "Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el7eap?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el7eap?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-undertow@2.2.26-1.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron@1.15.20-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.15.20-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.13-2.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.13-2.SP1_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-all@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-buffer@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-dns@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-haproxy@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-http2@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-memcache@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-mqtt@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-redis@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-smtp@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-socks@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-stomp@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-codec-xml@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-common@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-handler-proxy@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-resolver-dns-classes-macos@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-epoll@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-classes-kqueue@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-unix-common@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-rxtx@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-sctp@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-udt@4.1.94-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.8.10-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-cdi@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-client@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-crypto@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-jsapi@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-spring@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.15.8-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-31.Final_redhat_00030.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-31.Final_redhat_00030.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_id: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-31.Final_redhat_00030.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-mod_cluster@1.4.5-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-core@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-envers@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hibernate-java8@5.3.31-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-hal-console@3.3.19-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.15-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", product: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", product_id: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-modules@1.12.2-1.Final_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-server@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_id: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.16.0-15.redhat_00049.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pg@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_id: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-util@1.76.0-4.redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_id: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.4.13-8.GA_redhat_00001.1.el7eap?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_id: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll@4.1.94-1.Final_redhat_00001.1.el7eap?arch=x86_64", }, }, }, { category: "product_version", name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_id: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-netty-transport-native-epoll-debuginfo@4.1.94-1.Final_redhat_00001.1.el7eap?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", }, product_reference: "eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", }, product_reference: "eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", }, product_reference: "eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", }, product_reference: "eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", }, product_reference: "eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", }, product_reference: "eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", }, product_reference: "eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", }, product_reference: "eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", }, product_reference: "eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", product_id: "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", }, product_reference: "eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", relates_to_product_reference: "7Server-JBEAP-7.4", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], known_not_affected: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", ], known_not_affected: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", ], known_not_affected: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:23:52+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-0:2.16.0-15.redhat_00049.1.el7eap.src", "7Server-JBEAP-7.4:eap7-activemq-artemis-cli-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-commons-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-core-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-dto-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hornetq-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-hqclient-protocol-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jdbc-store-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-client-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-jms-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-journal-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-ra-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-selector-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-server-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-service-extensions-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-activemq-artemis-tools-0:2.16.0-15.redhat_00049.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-0:1.76.0-4.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-bouncycastle-mail-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pg-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-pkix-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-prov-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-bouncycastle-util-0:1.76.0-4.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.19-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-0:5.3.31-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-core-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-entitymanager-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-envers-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-java8-0:5.3.31-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-marshalling-0:2.0.13-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-marshalling-river-0:2.0.13-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-modules-0:1.12.2-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-31.Final_redhat_00030.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-31.Final_redhat_00030.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-xnio-base-0:3.8.10-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-all-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-buffer-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-haproxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-http2-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-memcache-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-mqtt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-redis-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-smtp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-socks-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-stomp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-codec-xml-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-handler-proxy-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-resolver-dns-classes-macos-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-classes-kqueue-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-epoll-debuginfo-0:4.1.94-1.Final_redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-netty-transport-native-unix-common-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-rxtx-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-sctp-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-netty-transport-udt-0:4.1.94-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-0:3.15.8-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-resteasy-atom-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-cdi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-client-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-crypto-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jackson2-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxb-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jaxrs-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jettison-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jose-jwt-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-jsapi-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-binding-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-json-p-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-multipart-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-rxjava2-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-spring-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-validator-provider-11-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-resteasy-yaml-provider-0:3.15.8-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-0:2.2.26-1.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.13-8.GA_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-elytron-0:1.15.20-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-elytron-tool-0:1.15.20-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.13-8.GA_redhat_00001.1.el7eap.noarch", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
RHSA-2023:5488
Vulnerability from csaf_redhat
Published
2023-10-05 20:18
Modified
2025-03-24 12:02
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)
* nodejs-semver: Regular expression denial of service (CVE-2022-25883)
* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)
* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform 7.4.13 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.12 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.13 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* server: eap-7: heap exhaustion via deserialization (CVE-2023-3171)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging (CVE-2023-26464)\n\n* nodejs-semver: Regular expression denial of service (CVE-2022-25883)\n\n* wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor (CVE-2023-4061)\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* bouncycastle: potential blind LDAP injection attack using a self-signed certificate (CVE-2023-33201)\n\n* netty: netty-handler: SniHandler 16MB allocation (CVE-2023-34462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2023:5488", url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=appplatform&version=7.4", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches&product=appplatform&version=7.4", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", url: "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "JBEAP-24667", url: "https://issues.redhat.com/browse/JBEAP-24667", }, { category: "external", summary: "JBEAP-24966", url: "https://issues.redhat.com/browse/JBEAP-24966", }, { category: "external", summary: "JBEAP-24985", url: "https://issues.redhat.com/browse/JBEAP-24985", }, { category: "external", summary: "JBEAP-25032", url: "https://issues.redhat.com/browse/JBEAP-25032", }, { category: "external", summary: "JBEAP-25033", url: "https://issues.redhat.com/browse/JBEAP-25033", }, { category: "external", summary: "JBEAP-25078", url: "https://issues.redhat.com/browse/JBEAP-25078", }, { category: "external", summary: "JBEAP-25122", url: "https://issues.redhat.com/browse/JBEAP-25122", }, { category: "external", summary: "JBEAP-25135", url: "https://issues.redhat.com/browse/JBEAP-25135", }, { category: "external", summary: "JBEAP-25186", url: "https://issues.redhat.com/browse/JBEAP-25186", }, { category: "external", summary: "JBEAP-25200", url: "https://issues.redhat.com/browse/JBEAP-25200", }, { category: "external", summary: "JBEAP-25225", url: "https://issues.redhat.com/browse/JBEAP-25225", }, { category: "external", summary: "JBEAP-25261", url: "https://issues.redhat.com/browse/JBEAP-25261", }, { category: "external", summary: "JBEAP-25285", url: "https://issues.redhat.com/browse/JBEAP-25285", }, { category: "external", summary: "JBEAP-25312", url: "https://issues.redhat.com/browse/JBEAP-25312", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_5488.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.13 security update", tracking: { current_release_date: "2025-03-24T12:02:27+00:00", generator: { date: "2025-03-24T12:02:27+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2023:5488", initial_release_date: "2023-10-05T20:18:28+00:00", revision_history: [ { date: "2023-10-05T20:18:28+00:00", number: "1", summary: "Initial version", }, { date: "2023-10-05T20:18:28+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-24T12:02:27+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "EAP 7.4.13", product: { name: "EAP 7.4.13", product_id: "EAP 7.4.13", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2022-25883", cwe: { id: "CWE-1333", name: "Inefficient Regular Expression Complexity", }, discovery_date: "2023-06-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216475", }, ], notes: [ { category: "description", text: "A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in node-semver package via the 'new Range' function. This issue could allow an attacker to pass untrusted malicious regex user data as a range, causing the service to excessively consume CPU depending upon the input size, resulting in a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "nodejs-semver: Regular expression denial of service", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Advanced Cluster Management for Kubernetes-2 and Red Hat Advanced Cluster Security-3 has been marked as Low severity because node-semver is a Dev dependency for those, used only during the build process, and not used in customer environments.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the server-regexp dependency is protected by OAuth what is reducing impact by this flaw to Low.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-25883", }, { category: "external", summary: "RHBZ#2216475", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216475", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-25883", url: "https://www.cve.org/CVERecord?id=CVE-2022-25883", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-25883", }, { category: "external", summary: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", url: "https://github.com/advisories/GHSA-c2qf-rxjj-qqgw", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", url: "https://security.snyk.io/vuln/SNYK-JS-SEMVER-3247795", }, ], release_date: "2023-06-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "nodejs-semver: Regular expression denial of service", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-4061", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-08-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2228608", }, ], notes: [ { category: "description", text: "A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.", title: "Vulnerability description", }, { category: "summary", text: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability requires a malicious user to previously have access to the system, especially access to the HAL interface via browser and logged with a management user who have access to the resolve-expression method, hence the moderate impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-4061", }, { category: "external", summary: "RHBZ#2228608", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2228608", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-4061", url: "https://www.cve.org/CVERecord?id=CVE-2023-4061", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-4061", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "workaround", details: "Wildfly administrators are recommended to use Vault, especially the Elytron subsystem, to store potential critical information such as DNS, IPs, and credentials.", product_ids: [ "EAP 7.4.13", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "wildfly-core: Management User RBAC permission allows unexpected reading of system-properties to an Unauthorized actor", }, { acknowledgments: [ { names: [ "Kokorin Vsevolod", ], }, ], cve: "CVE-2023-26136", cwe: { id: "CWE-1321", name: "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", }, discovery_date: "2023-07-03T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2219310", }, ], notes: [ { category: "description", text: "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.", title: "Vulnerability description", }, { category: "summary", text: "tough-cookie: prototype pollution in cookie memstore", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26136", }, { category: "external", summary: "RHBZ#2219310", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2219310", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26136", url: "https://www.cve.org/CVERecord?id=CVE-2023-26136", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26136", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", url: "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/issues/282", url: "https://github.com/salesforce/tough-cookie/issues/282", }, { category: "external", summary: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", url: "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3", }, { category: "external", summary: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", url: "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html", }, { category: "external", summary: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", url: "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873", }, ], release_date: "2023-07-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "tough-cookie: prototype pollution in cookie memstore", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "EAP 7.4.13", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-33201", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2023-06-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2215465", }, ], notes: [ { category: "description", text: "A flaw was found in Bouncy Castle 1.73. This issue targets the fix of LDAP wild cards. Before the fix there was no validation for the X.500 name of any certificate, subject, or issuer, so the presence of a wild card may lead to information disclosure. This could allow a malicious user to obtain unauthorized information via blind LDAP Injection, exploring the environment and enumerating data. The exploit depends on the structure of the target LDAP directory as well as what kind of errors are exposed to the user.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-33201", }, { category: "external", summary: "RHBZ#2215465", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2215465", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-33201", url: "https://www.cve.org/CVERecord?id=CVE-2023-33201", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-33201", }, { category: "external", summary: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", url: "https://github.com/bcgit/bc-java/wiki/CVE-2023-33201", }, ], release_date: "2023-06-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bouncycastle: potential blind LDAP injection attack using a self-signed certificate", }, { cve: "CVE-2023-34462", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2023-06-23T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2216888", }, ], notes: [ { category: "description", text: "A flaw was found in Netty's SniHandler while navigating TLS handshake which may permit a large heap allocation if the handler did not have a timeout configured. This issue may allow an attacker to send a client hello packet which would cause the server to buffer large amounts of data per connection, potentially causing an out of memory error, resulting in Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "netty: SniHandler 16MB allocation leads to OOM", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "EAP 7.4.13", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-34462", }, { category: "external", summary: "RHBZ#2216888", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2216888", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-34462", url: "https://www.cve.org/CVERecord?id=CVE-2023-34462", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-34462", }, ], release_date: "2023-06-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2023-10-05T20:18:28+00:00", details: "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).", product_ids: [ "EAP 7.4.13", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "workaround", details: "Configuration of SniHandler with an idle timeout will mitigate this issue.", product_ids: [ "EAP 7.4.13", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "EAP 7.4.13", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "netty: SniHandler 16MB allocation leads to OOM", }, ], }
RHSA-2024:10208
Vulnerability from csaf_redhat
Published
2024-11-25 00:12
Modified
2025-03-19 10:23
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.8 on RHEL 7 security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.1.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.1.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible [eap-7.1.z] (CVE-2020-28052)
* hsqldb: Untrusted input may lead to RCE attack [eap-7.1.z] (CVE-2022-41853)
* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.1.z] (CVE-2024-28752)
* h2: Loading of custom classes from remote servers through JNDI [eap-7.1.z] (CVE-2022-23221)
* CXF: Apache CXF: SSRF Vulnerability [eap-7.1.z] (CVE-2022-46364)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.1.z] (CVE-2022-34169)
* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.1.z] (CVE-2023-26464)
* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.1.z] (CVE-2023-5685)
* server: eap-7: heap exhaustion via deserialization [eap-7.1.z] (CVE-2023-3171)
* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling [eap-7.1.z] (CVE-2020-7238)
* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.1.z] (CVE-2023-39410)
* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.1.z] (CVE-2024-47561)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "A security update is now available for Red Hat JBoss Enterprise Application Platform 7.1 for Red Hat Enterprise Linux 7.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.1.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.1.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.1.8 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible [eap-7.1.z] (CVE-2020-28052)\n\n* hsqldb: Untrusted input may lead to RCE attack [eap-7.1.z] (CVE-2022-41853)\n\n* cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding [eap-7.1.z] (CVE-2024-28752)\n\n* h2: Loading of custom classes from remote servers through JNDI [eap-7.1.z] (CVE-2022-23221)\n\n* CXF: Apache CXF: SSRF Vulnerability [eap-7.1.z] (CVE-2022-46364)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.1.z] (CVE-2022-34169)\n\n* log4j: log4j1-chainsaw, log4j1-socketappender: DoS via hashmap logging [eap-7.1.z] (CVE-2023-26464)\n\n* xnio: StackOverflowException when the chain of notifier states becomes problematically big [eap-7.1.z] (CVE-2023-5685)\n\n* server: eap-7: heap exhaustion via deserialization [eap-7.1.z] (CVE-2023-3171)\n\n* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling [eap-7.1.z] (CVE-2020-7238)\n\n* avro: apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK [eap-7.1.z] (CVE-2023-39410)\n\n* avro: apache-avro: Schema parsing may trigger Remote Code Execution (RCE) [eap-7.1.z] (CVE-2024-47561)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2024:10208", url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index", url: "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.1/html-single/installation_guide/index", }, { category: "external", summary: "1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "1912881", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1912881", }, { category: "external", summary: "2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "JBEAP-27708", url: "https://issues.redhat.com/browse/JBEAP-27708", }, { category: "external", summary: "JBEAP-28086", url: "https://issues.redhat.com/browse/JBEAP-28086", }, { category: "external", summary: "JBEAP-28130", url: "https://issues.redhat.com/browse/JBEAP-28130", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10208.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.1.8 on RHEL 7 security update", tracking: { current_release_date: "2025-03-19T10:23:56+00:00", generator: { date: "2025-03-19T10:23:56+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHSA-2024:10208", initial_release_date: "2024-11-25T00:12:13+00:00", revision_history: [ { date: "2024-11-25T00:12:13+00:00", number: "1", summary: "Initial version", }, { date: "2024-11-25T00:12:13+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-19T10:23:56+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product: { name: "Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7", }, }, }, ], category: "product_family", name: "Red Hat JBoss Enterprise Application Platform", }, { branches: [ { category: "product_version", name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", product: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", product_id: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-1.SP1_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", product: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", product_id: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.5.10-1.Final_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", product: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", product_id: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-2.redhat_00003.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", product: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", product_id: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-26.redhat_00015.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", product: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", product_id: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", product: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", product_id: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00005.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", product: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", product_id: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00005.1.ep7.el7?arch=src", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", product: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", product_id: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.1.8-2.GA_redhat_00002.1.ep7.el7?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jackson-databind@2.8.11.6-1.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-xnio-base@3.5.10-1.Final_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", product: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", product_id: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-avro@1.7.6-2.redhat_00003.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", product: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", product_id: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-26.redhat_00015.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-rt@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-services@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-apache-cxf-tools@3.1.16-3.SP1_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling@2.0.15-1.Final_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_id: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-jboss-marshalling-river@2.0.15-1.Final_redhat_00001.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-mail@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-pkix@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-bouncycastle-prov@1.68.0-1.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", product: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", product_id: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-h2database@1.4.197-2.redhat_00005.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_id: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly@7.1.8-2.GA_redhat_00002.1.ep7.el7?arch=noarch", }, }, }, { category: "product_version", name: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product: { name: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_id: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", product_identification_helper: { purl: "pkg:rpm/redhat/eap7-wildfly-modules@7.1.8-2.GA_redhat_00002.1.ep7.el7?arch=noarch", }, }, }, ], category: "architecture", name: "noarch", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", }, product_reference: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", }, product_reference: "eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", }, product_reference: "eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", }, product_reference: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", }, product_reference: "eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", }, product_reference: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", }, product_reference: "eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", }, product_reference: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", }, product_reference: "eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", }, product_reference: "eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", }, product_reference: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, { category: "default_component_of", full_product_name: { name: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src as a component of Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 Server", product_id: "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", }, product_reference: "eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", relates_to_product_reference: "7Server-JBEAP-7.1-EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2020-7238", cwe: { id: "CWE-444", name: "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')", }, discovery_date: "2020-01-27T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1796225", }, ], notes: [ { category: "description", text: "A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling.", title: "Vulnerability description", }, { category: "summary", text: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", title: "Vulnerability summary", }, { category: "other", text: "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch's security team has stated that the previous vulnerability, CVE-2019-16869, does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit both these vulnerabilities on OpenShift Container Platform, so we're reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-7238", }, { category: "external", summary: "RHBZ#1796225", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1796225", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-7238", url: "https://www.cve.org/CVERecord?id=CVE-2020-7238", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-7238", }, { category: "external", summary: "https://netty.io/news/2019/12/18/4-1-44-Final.html", url: "https://netty.io/news/2019/12/18/4-1-44-Final.html", }, ], release_date: "2020-01-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling", }, { cve: "CVE-2020-28052", cwe: { id: "CWE-287", name: "Improper Authentication", }, discovery_date: "2021-01-05T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "1912881", }, ], notes: [ { category: "description", text: "A flaw was found in bouncycastle. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", title: "Vulnerability description", }, { category: "summary", text: "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", ], known_not_affected: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-28052", }, { category: "external", summary: "RHBZ#1912881", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1912881", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-28052", url: "https://www.cve.org/CVERecord?id=CVE-2020-28052", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-28052", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-28052", }, ], release_date: "2020-12-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "Users unable to upgrade to version 1.67 or greater can copy the `OpenBSDBCrypt.doCheckPassword()` method implementation (https://github.com/bcgit/bc-java/blob/r1rv67/core/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java#L259-L343) into their own utility class and supplement it with the required methods and variables as required", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible", }, { cve: "CVE-2022-23221", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2022-01-19T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2044596", }, ], notes: [ { category: "description", text: "A flaw was found in the H2 Console. This flaw allows remote attackers to execute arbitrary code via a JDBC URL, concatenating with a substring that allows remote code execution by using a script.", title: "Vulnerability description", }, { category: "summary", text: "h2: Loading of custom classes from remote servers through JNDI", title: "Vulnerability summary", }, { category: "other", text: "In OpenShift Container Platform (OCP) the openshift-enterprise-3.11/metrics-hawkular-metrics-container container image ships a vulnerable version of h2 as part of the underlying images, but as it uses standard configuration and Console is not enabled/started by default, therefore the impact by this vulnerability is LOW and will not be fixed as OCP 3.x has already reached End of Full Support.\n\n[1] https://access.redhat.com/support/policy/updates/openshift_noncurrent", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", ], known_not_affected: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-23221", }, { category: "external", summary: "RHBZ#2044596", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2044596", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-23221", url: "https://www.cve.org/CVERecord?id=CVE-2022-23221", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-23221", }, { category: "external", summary: "https://github.com/advisories/GHSA-45hx-wfhj-473x", url: "https://github.com/advisories/GHSA-45hx-wfhj-473x", }, ], release_date: "2022-01-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "h2: Loading of custom classes from remote servers through JNDI", }, { cve: "CVE-2022-34169", cwe: { id: "CWE-192", name: "Integer Coercion Error", }, discovery_date: "2022-07-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2108554", }, ], notes: [ { category: "description", text: "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", title: "Vulnerability description", }, { category: "summary", text: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-34169", }, { category: "external", summary: "RHBZ#2108554", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2108554", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-34169", url: "https://www.cve.org/CVERecord?id=CVE-2022-34169", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", }, ], release_date: "2022-07-19T20:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", }, { cve: "CVE-2022-41853", cwe: { id: "CWE-470", name: "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", }, discovery_date: "2022-10-19T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2136141", }, ], notes: [ { category: "description", text: "A flaw was found in the HSQLDB package. This flaw allows untrusted inputs to execute remote code due to any static method of any Java class in the classpath, resulting in code execution by default.", title: "Vulnerability description", }, { category: "summary", text: "hsqldb: Untrusted input may lead to RCE attack", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-41853", }, { category: "external", summary: "RHBZ#2136141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2136141", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-41853", url: "https://www.cve.org/CVERecord?id=CVE-2022-41853", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-41853", }, { category: "external", summary: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", url: "http://hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control", }, { category: "external", summary: "https://github.com/advisories/GHSA-77xx-rxvh-q682", url: "https://github.com/advisories/GHSA-77xx-rxvh-q682", }, ], release_date: "2022-10-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "By default, the static methods of any class that is on the classpath are available for use and can compromise security in some systems. The optional Java system property, hsqldb.method_class_names, allows preventing access to classes other than java.lang.Math or specifying a semicolon-separated list of allowed classes. A property value that ends with .* is treated as a wild card and allows access to all class or method names formed by substitution of the * (asterisk).\n\nIn the example below, the property has been included as an argument to the Java command.\n\n java -Dhsqldb.method_class_names=\"org.me.MyClass;org.you.YourClass;org.you.lib.*\" [the rest of the command line]\n\nThe above example allows access to the methods in the two classes: org.me.MyClass and org.you.YourClass together with all the classes in the org.you.lib package. Note that if the property is not defined, no access control is performed at this level.\n\nThe user who creates a Java routine must have the relevant access privileges on the tables that are used inside the Java method.\n\nOnce the routine has been defined, the normal database access control applies to its user. The routine can be executed only by those users who have been granted EXECUTE privileges on it. Access to routines can be granted to users with GRANT EXECUTE or GRANT ALL. For example, GRANT EXECUTE ON myroutine TO PUBLIC.\n\nIn hsqldb 2.7.1, all classes by default are not accessible, except those in java.lang.Math and need to be manually enabled.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "hsqldb: Untrusted input may lead to RCE attack", }, { cve: "CVE-2022-46364", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2022-12-21T00:00:00+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2155682", }, ], notes: [ { category: "description", text: "A SSRF vulnerability was found in Apache CXF. This issue occurs when parsing the href attribute of XOP:Include in MTOM requests, allowing an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.", title: "Vulnerability description", }, { category: "summary", text: "CXF: SSRF Vulnerability", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Integration Camel Quarkus does not support CXF extensions and so is affected at a reduced impact of Moderate.\nThe RHSSO server does not ship Apache CXF. The component mentioned in CVE-2022-46364 is a transitive dependency coming from Fuse adapters and the test suite.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", ], known_not_affected: [ "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2022-46364", }, { category: "external", summary: "RHBZ#2155682", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2155682", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2022-46364", url: "https://www.cve.org/CVERecord?id=CVE-2022-46364", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-46364", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", url: "https://cxf.apache.org/security-advisories.data/CVE-2022-46364.txt?version=1&modificationDate=1670944472739&api=v2", }, ], release_date: "2022-12-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "CXF: SSRF Vulnerability", }, { cve: "CVE-2023-3171", cwe: { id: "CWE-789", name: "Memory Allocation with Excessive Size Value", }, discovery_date: "2023-04-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2213639", }, ], notes: [ { category: "description", text: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "eap-7: heap exhaustion via deserialization", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "RHBZ#2213639", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-3171", url: "https://www.cve.org/CVERecord?id=CVE-2023-3171", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, ], release_date: "2023-10-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "eap-7: heap exhaustion via deserialization", }, { cve: "CVE-2023-5685", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-10-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2241822", }, ], notes: [ { category: "description", text: "A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).", title: "Vulnerability description", }, { category: "summary", text: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this vulnerability as an Important impact as the uncontrolled resource consumption may lead to Denial of Service (DoS). This might be intentioned by an attacker who is looking to jeopardize an environment.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-5685", }, { category: "external", summary: "RHBZ#2241822", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2241822", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-5685", url: "https://www.cve.org/CVERecord?id=CVE-2023-5685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-5685", }, ], release_date: "2024-03-05T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "There is currently no mitigation available for this vulnerability. Please keep the packages up-to-date as the updates become available.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "xnio: StackOverflowException when the chain of notifier states becomes problematically big", }, { cve: "CVE-2023-26464", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2023-03-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2182864", }, ], notes: [ { category: "description", text: "A flaw was found in Chainsaw and SocketAppender components with Log4j 1.x on JRE, less than 1.7. This issue may allow an attacker to use a logging entry with a specially-crafted hashmap or hashtable, depending on which logging component is in use, to process and exhaust the available memory in the virtual machine, resulting in a Denial of Service when the object is deserialized. This issue affects Apache Log4j before version 2.", title: "Vulnerability description", }, { category: "summary", text: "log4j1-socketappender: DoS via hashmap logging", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Enterprise Linux 8 and 9 security impacts have been reduced to Low as they do not enable the vulnerable JDK by default.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-26464", }, { category: "external", summary: "RHBZ#2182864", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2182864", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-26464", url: "https://www.cve.org/CVERecord?id=CVE-2023-26464", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-26464", }, { category: "external", summary: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", url: "https://www.ibm.com/support/pages/security-bulletin-vulnerability-log4j-1216jar-affect-ibm-operations-analytics-log-analysis-cve-2023-26464", }, ], release_date: "2023-03-15T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "log4j1-socketappender: DoS via hashmap logging", }, { cve: "CVE-2023-39410", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2023-10-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2242521", }, ], notes: [ { category: "description", text: "A flaw was found in apache-avro. When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints, leading to an out-of-memory error and a denial of service on the system.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2023-39410", }, { category: "external", summary: "RHBZ#2242521", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2242521", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2023-39410", url: "https://www.cve.org/CVERecord?id=CVE-2023-39410", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-39410", }, { category: "external", summary: "https://issues.apache.org/jira/browse/AVRO-3819", url: "https://issues.apache.org/jira/browse/AVRO-3819", }, ], release_date: "2023-09-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK", }, { cve: "CVE-2024-28752", cwe: { id: "CWE-918", name: "Server-Side Request Forgery (SSRF)", }, discovery_date: "2024-03-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2270732", }, ], notes: [ { category: "description", text: "A server-side request forgery (SSRF) vulnerability was found in Apache CXF. This issue occurs in attacks on webservices that take at least one parameter of any type, and when Aegisdatabind is used. Users of other data bindings including the default databinding are not impacted.", title: "Vulnerability description", }, { category: "summary", text: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", title: "Vulnerability summary", }, { category: "other", text: "Red Hat rates this as an Important impact due to the fact this requires Aegis databind, which is not the default databinding for Apache CXF.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-28752", }, { category: "external", summary: "RHBZ#2270732", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2270732", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-28752", url: "https://www.cve.org/CVERecord?id=CVE-2024-28752", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-28752", }, { category: "external", summary: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", url: "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt", }, { category: "external", summary: "https://github.com/advisories/GHSA-qmgx-j96g-4428", url: "https://github.com/advisories/GHSA-qmgx-j96g-4428", }, ], release_date: "2024-03-14T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "No mitigation is currently available for this vulnerability. Please make sure to update as the fixes become available.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "cxf-core: Apache CXF SSRF Vulnerability using the Aegis databinding", }, { cve: "CVE-2024-47561", cwe: { id: "CWE-502", name: "Deserialization of Untrusted Data", }, discovery_date: "2024-10-02T14:04:06.018000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2316116", }, ], notes: [ { category: "description", text: "A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special \"java-class\" attribute.", title: "Vulnerability description", }, { category: "summary", text: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", title: "Vulnerability summary", }, { category: "other", text: "The Red Hat build of Apache Camel K 1.10 was rated Important as it allows users to provide an Avro schema for parsing. Note that this functionality is limited to authenticated users.\n\nRed Hat Single Sign-On 7 ships the affected component in its maven repository but does not use it in the product. As such it is affected but not vulnerable to the flaw, and is assessed at Moderate security impact.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-47561", }, { category: "external", summary: "RHBZ#2316116", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2316116", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-47561", url: "https://www.cve.org/CVERecord?id=CVE-2024-47561", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-47561", }, ], release_date: "2024-10-03T12:20:00+00:00", remediations: [ { category: "vendor_fix", date: "2024-11-25T00:12:13+00:00", details: "Before applying this update, ensure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "workaround", details: "1. Avoid parsing user-provided schemas.\n2. Ensure proper input validation and sanitization of schemas before parsing.\n3. Monitor systems for any unusual activities that may indicate exploitation attempts.\n4. Apply the principle of least privilege to minimize the potential impact of successful exploits.", product_ids: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-rt-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-services-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-apache-cxf-tools-0:3.1.16-3.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-avro-0:1.7.6-2.redhat_00003.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-0:1.68.0-1.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-mail-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-pkix-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-bouncycastle-prov-0:1.68.0-1.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-h2database-0:1.4.197-2.redhat_00005.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jackson-databind-0:2.8.11.6-1.SP1_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-jboss-marshalling-river-0:2.0.15-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-jboss-xnio-base-0:3.5.10-1.Final_redhat_00001.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-wildfly-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.src", "7Server-JBEAP-7.1-EUS:eap7-wildfly-modules-0:7.1.8-2.GA_redhat_00002.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.noarch", "7Server-JBEAP-7.1-EUS:eap7-xalan-j2-0:2.7.1-26.redhat_00015.1.ep7.el7.src", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "apache-avro: Schema parsing may trigger Remote Code Execution (RCE)", }, ], }
wid-sec-w-2023-3224
Vulnerability from csaf_certbund
Published
2023-12-27 23:00
Modified
2024-11-24 23:00
Summary
Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in der Red Hat JBoss Enterprise Application Platform ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in der Red Hat JBoss Enterprise Application Platform ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-3224 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3224.json", }, { category: "self", summary: "WID-SEC-2023-3224 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3224", }, { category: "external", summary: "Github Advisory - JBoss vom 2023-12-27", url: "https://github.com/advisories/GHSA-gpgq-5q34-mh72", }, { category: "external", summary: "Red Hat Security Advisory - JBoss vom 2023-12-27", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "Red Hat Security Advisory - JBoss vom 2023-12-27", url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10208 vom 2024-11-25", url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10207 vom 2024-11-25", url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], source_lang: "en-US", title: "Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Denial of Service", tracking: { current_release_date: "2024-11-24T23:00:00.000+00:00", generator: { date: "2024-11-25T09:15:40.597+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2023-3224", initial_release_date: "2023-12-27T23:00:00.000+00:00", revision_history: [ { date: "2023-12-27T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-11-24T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<7.4.13", product: { name: "Red Hat JBoss Enterprise Application Platform <7.4.13", product_id: "T031828", }, }, { category: "product_version", name: "7.4.13", product: { name: "Red Hat JBoss Enterprise Application Platform 7.4.13", product_id: "T031828-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4.13", }, }, }, { category: "product_version_range", name: "<7.1.8", product: { name: "Red Hat JBoss Enterprise Application Platform <7.1.8", product_id: "T039411", }, }, { category: "product_version", name: "7.1.8", product: { name: "Red Hat JBoss Enterprise Application Platform 7.1.8", product_id: "T039411-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.1.8", }, }, }, { category: "product_version_range", name: "<7.3.11", product: { name: "Red Hat JBoss Enterprise Application Platform <7.3.11", product_id: "T039412", }, }, { category: "product_version", name: "7.3.11", product: { name: "Red Hat JBoss Enterprise Application Platform 7.3.11", product_id: "T039412-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.3.11", }, }, }, ], category: "product_name", name: "JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2023-3171", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in der Red Hat JBoss Enterprise Application Platform. Dieser Fehler besteht in der EAP-7-Komponente während der Deserialisierung bestimmter Klassen, wodurch es möglich ist, bösartige Anfragen zu übermitteln und den Heap zu erschöpfen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T031828", "T039412", "T039411", ], }, release_date: "2023-12-27T23:00:00.000+00:00", title: "CVE-2023-3171", }, ], }
WID-SEC-W-2023-3224
Vulnerability from csaf_certbund
Published
2023-12-27 23:00
Modified
2024-11-24 23:00
Summary
Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in der Red Hat JBoss Enterprise Application Platform ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "JBoss Enterprise Application Platform ist eine skalierbare Plattform für Java-Anwendungen, inklusive JBoss Application Server, JBoss Hibernate und Boss Seam.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in der Red Hat JBoss Enterprise Application Platform ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-3224 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3224.json", }, { category: "self", summary: "WID-SEC-2023-3224 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3224", }, { category: "external", summary: "Github Advisory - JBoss vom 2023-12-27", url: "https://github.com/advisories/GHSA-gpgq-5q34-mh72", }, { category: "external", summary: "Red Hat Security Advisory - JBoss vom 2023-12-27", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { category: "external", summary: "Red Hat Security Advisory - JBoss vom 2023-12-27", url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10208 vom 2024-11-25", url: "https://access.redhat.com/errata/RHSA-2024:10208", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2024:10207 vom 2024-11-25", url: "https://access.redhat.com/errata/RHSA-2024:10207", }, ], source_lang: "en-US", title: "Red Hat JBoss Enterprise Application Platform: Schwachstelle ermöglicht Denial of Service", tracking: { current_release_date: "2024-11-24T23:00:00.000+00:00", generator: { date: "2024-11-25T09:15:40.597+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2023-3224", initial_release_date: "2023-12-27T23:00:00.000+00:00", revision_history: [ { date: "2023-12-27T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2024-11-24T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Red Hat aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<7.4.13", product: { name: "Red Hat JBoss Enterprise Application Platform <7.4.13", product_id: "T031828", }, }, { category: "product_version", name: "7.4.13", product: { name: "Red Hat JBoss Enterprise Application Platform 7.4.13", product_id: "T031828-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.4.13", }, }, }, { category: "product_version_range", name: "<7.1.8", product: { name: "Red Hat JBoss Enterprise Application Platform <7.1.8", product_id: "T039411", }, }, { category: "product_version", name: "7.1.8", product: { name: "Red Hat JBoss Enterprise Application Platform 7.1.8", product_id: "T039411-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.1.8", }, }, }, { category: "product_version_range", name: "<7.3.11", product: { name: "Red Hat JBoss Enterprise Application Platform <7.3.11", product_id: "T039412", }, }, { category: "product_version", name: "7.3.11", product: { name: "Red Hat JBoss Enterprise Application Platform 7.3.11", product_id: "T039412-fixed", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_enterprise_application_platform:7.3.11", }, }, }, ], category: "product_name", name: "JBoss Enterprise Application Platform", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2023-3171", notes: [ { category: "description", text: "Es besteht eine Schwachstelle in der Red Hat JBoss Enterprise Application Platform. Dieser Fehler besteht in der EAP-7-Komponente während der Deserialisierung bestimmter Klassen, wodurch es möglich ist, bösartige Anfragen zu übermitteln und den Heap zu erschöpfen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.", }, ], product_status: { known_affected: [ "T031828", "T039412", "T039411", ], }, release_date: "2023-12-27T23:00:00.000+00:00", title: "CVE-2023-3171", }, ], }
gsd-2023-3171
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.
Aliases
Aliases
{ GSD: { alias: "CVE-2023-3171", id: "GSD-2023-3171", }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2023-3171", ], details: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", id: "GSD-2023-3171", modified: "2023-12-13T01:20:55.243956Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2023-3171", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "eap", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", }, }, ], }, }, ], }, vendor_name: "n/a", }, { product: { product_data: [ { product_name: "EAP 7.4.13", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "unaffected", }, }, ], }, }, { product_name: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.16.0-15.redhat_00049.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.76.0-4.redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.3.19-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.3.31-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.5.15-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.0.13-2.SP1_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.12.2-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.10.0-31.Final_redhat_00030.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.8.10-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.4.5-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.15.8-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.2.26-1.SP1_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:7.4.13-8.GA_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.15.20-1.Final_redhat_00001.1.el8eap", versionType: "rpm", }, ], }, }, ], }, }, { product_name: "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.16.0-15.redhat_00049.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.76.0-4.redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.3.19-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.3.31-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.5.15-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.0.13-2.SP1_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.12.2-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.10.0-31.Final_redhat_00030.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.8.10-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.4.5-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.15.8-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.2.26-1.SP1_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:7.4.13-8.GA_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.15.20-1.Final_redhat_00001.1.el9eap", versionType: "rpm", }, ], }, }, ], }, }, { product_name: "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.16.0-15.redhat_00049.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.76.0-4.redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.3.19-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.3.31-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.5.15-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.0.13-2.SP1_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.12.2-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.10.0-31.Final_redhat_00030.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.8.10-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.4.5-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.1.94-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:3.15.8-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:2.2.26-1.SP1_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:7.4.13-8.GA_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "affected", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.15.20-1.Final_redhat_00001.1.el7eap", versionType: "rpm", }, ], }, }, ], }, }, ], }, vendor_name: "Red Hat", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", }, ], }, impact: { cvss: [ { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-789", lang: "eng", value: "Memory Allocation with Excessive Size Value", }, ], }, ], }, references: { reference_data: [ { name: "https://access.redhat.com/errata/RHSA-2023:5484", refsource: "MISC", url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { name: "https://access.redhat.com/errata/RHSA-2023:5485", refsource: "MISC", url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { name: "https://access.redhat.com/errata/RHSA-2023:5486", refsource: "MISC", url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { name: "https://access.redhat.com/errata/RHSA-2023:5488", refsource: "MISC", url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { name: "https://access.redhat.com/security/cve/CVE-2023-3171", refsource: "MISC", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, ], }, }, "nvd.nist.gov": { cve: { configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*", matchCriteriaId: "645A908C-18C2-4AB1-ACE7-3969E3A552A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*", matchCriteriaId: "B8423D7F-3A8F-4AD8-BF51-245C9D8DD816", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", }, { lang: "es", value: "Se encontró una falla en EAP-7 durante la deserialización de ciertas clases, lo que permite la creación de instancias de HashMap y HashTable sin verificar los recursos consumidos. Este problema podría permitir que un atacante envíe solicitudes maliciosas utilizando estas clases, lo que eventualmente podría agotar el montón y provocar una denegación de servicio.", }, ], id: "CVE-2023-3171", lastModified: "2024-01-04T17:07:40.287", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, ], }, published: "2023-12-27T16:15:13.103", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-789", }, ], source: "secalert@redhat.com", type: "Secondary", }, ], }, }, }, }
fkie_cve-2023-3171
Vulnerability from fkie_nvd
Published
2023-12-27 16:15
Modified
2024-11-21 08:16
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | jboss_enterprise_application_platform | 7.4 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| redhat | jboss_enterprise_application_platform | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*", matchCriteriaId: "645A908C-18C2-4AB1-ACE7-3969E3A552A5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:-:*:*:*:text-only:*:*:*", matchCriteriaId: "B8423D7F-3A8F-4AD8-BF51-245C9D8DD816", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", }, { lang: "es", value: "Se encontró una falla en EAP-7 durante la deserialización de ciertas clases, lo que permite la creación de instancias de HashMap y HashTable sin verificar los recursos consumidos. Este problema podría permitir que un atacante envíe solicitudes maliciosas utilizando estas clases, lo que eventualmente podría agotar el montón y provocar una denegación de servicio.", }, ], id: "CVE-2023-3171", lastModified: "2024-11-21T08:16:37.137", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-27T16:15:13.103", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-789", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-770", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
ghsa-gpgq-5q34-mh72
Vulnerability from github
Published
2023-12-27 18:30
Modified
2023-12-27 18:30
Severity ?
Details
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.
{ affected: [], aliases: [ "CVE-2023-3171", ], database_specific: { cwe_ids: [ "CWE-770", "CWE-789", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2023-12-27T16:15:13Z", severity: "HIGH", }, details: "A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service.", id: "GHSA-gpgq-5q34-mh72", modified: "2023-12-27T18:30:20Z", published: "2023-12-27T18:30:20Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-3171", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2023:5484", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2023:5485", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2023:5486", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2023:5488", }, { type: "WEB", url: "https://access.redhat.com/security/cve/CVE-2023-3171", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2213639", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.