Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-4029
Vulnerability from cvelistv5
Published
2024-05-02 14:55
Modified
2024-11-24 16:01
Severity ?
EPSS score ?
Summary
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat JBoss Enterprise Application Platform 7 |
cpe:/a:redhat:jboss_enterprise_application_platform:7.4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-4029", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-06-14T19:17:30.528404Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-14T19:17:38.521Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:26:57.279Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2024-4029" }, { "name": "RHBZ#2278615", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4" ], "defaultStatus": "unaffected", "packageName": "wildfly-domain-http", "product": "Red Hat JBoss Enterprise Application Platform 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-hal-console", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.3.24-1.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-hibernate-validator", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.0.23-2.SP1_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-insights-java-client", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.1.3-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-ironjacamar", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.5.18-1.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-jboss-cert-helper", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.1.3-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-jboss-ejb-client", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.0.55-1.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-jboss-server-migration", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.10.0-39.Final_redhat_00039.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-jbossws-cxf", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.4.12-1.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-jsoup", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.15.4-1.redhat_00003.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-undertow-jastow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.15-1.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-wildfly", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:7.4.19-1.GA_redhat_00002.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" ], "defaultStatus": "affected", "packageName": "eap7-xalan-j2", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.7.1-37.redhat_00015.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-hal-console", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.3.24-1.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-hibernate-validator", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.0.23-2.SP1_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-insights-java-client", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.1.3-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-ironjacamar", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.5.18-1.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-jboss-cert-helper", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.1.3-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-jboss-ejb-client", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.0.55-1.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-jboss-server-migration", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.10.0-39.Final_redhat_00039.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-jbossws-cxf", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.4.12-1.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-jsoup", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.15.4-1.redhat_00003.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-undertow-jastow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.15-1.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-wildfly", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:7.4.19-1.GA_redhat_00002.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" ], "defaultStatus": "affected", "packageName": "eap7-xalan-j2", "product": "Red Hat JBoss Enterprise Application Platform 7.4 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.7.1-37.redhat_00015.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-hal-console", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.3.24-1.Final_redhat_00001.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-hibernate-validator", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.0.23-2.SP1_redhat_00001.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-insights-java-client", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.1.3-1.redhat_00001.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-ironjacamar", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.5.18-1.Final_redhat_00001.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-jboss-cert-helper", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.1.3-1.redhat_00001.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-jboss-ejb-client", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.0.55-1.Final_redhat_00001.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-jboss-server-migration", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.10.0-39.Final_redhat_00039.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-jbossws-cxf", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.4.12-1.Final_redhat_00001.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-jsoup", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.15.4-1.redhat_00003.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-undertow-jastow", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.15-1.Final_redhat_00001.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-wildfly", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:7.4.19-1.GA_redhat_00002.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" ], "defaultStatus": "affected", "packageName": "eap7-xalan-j2", "product": "Red Hat JBoss Enterprise Application Platform 7.4 on RHEL 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.7.1-37.redhat_00015.1.el7eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0" ], "defaultStatus": "unaffected", "packageName": "wildfly-domain-http", "product": "Red Hat JBoss Enterprise Application Platform 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-activemq-artemis", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.33.0-1.redhat_00015.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-activemq-artemis-native", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "1:2.0.0-2.redhat_00005.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-aesh-extensions", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.8.0-2.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-aesh-readline", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.0-2.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-apache-commons-codec", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.16.1-2.redhat_00007.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-apache-commons-collections", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.2.2-28.redhat_2.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-apache-commons-io", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.15.1-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-apache-commons-lang", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.14.0-2.redhat_00006.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-apache-cxf", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.0.5-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-artemis-native", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "1:2.0.0-2.redhat_00005.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-artemis-wildfly-integration", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.1-1.redhat_00002.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-asyncutil", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:0.1.0-2.redhat_00010.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-aws-java-sdk", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.12.284-2.redhat_00002.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-cryptacular", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.5-2.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-eap-product-conf-parent", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:800.4.0-1.GA_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-fastinfoset", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.1.0-4.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-hibernate", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.2.31-1.Final_redhat_00002.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-hibernate-validator", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:8.0.1-3.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-hppc", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:0.8.1-2.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-insights-java-client", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.1.3-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-jakarta-servlet-jsp-jstl-api", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.0.1-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-jboss-cert-helper", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.1.3-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-jboss-logging", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.5.3-1.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-jctools", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.0.2-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-jgroups", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.10-1.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-log4j", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.22.1-1.redhat_00002.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-narayana", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.0.3-1.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-nimbus-jose-jwt", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:9.37.3-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-objectweb-asm", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:9.6.0-1.redhat_00002.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-pem-keystore", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.3.0-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-resteasy-extensions", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.1-3.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-resteasy-spring", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.0.1-2.Final_redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-saaj-impl", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.0.4-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-shibboleth-java-support", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:8.0.0-6.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-slf4j", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.16-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-snakeyaml", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.0-1.redhat_00001.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" ], "defaultStatus": "affected", "packageName": "eap8-wildfly", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:8.0.4-2.GA_redhat_00005.1.el8eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-activemq-artemis", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.33.0-1.redhat_00015.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-activemq-artemis-native", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "1:2.0.0-2.redhat_00005.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-aesh-extensions", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.8.0-2.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-aesh-readline", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.0-2.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-apache-commons-codec", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.16.1-2.redhat_00007.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-apache-commons-collections", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.2.2-28.redhat_2.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-apache-commons-io", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.15.1-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-apache-commons-lang", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.14.0-2.redhat_00006.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-apache-cxf", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.0.5-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-artemis-native", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "1:2.0.0-2.redhat_00005.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-artemis-wildfly-integration", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.1-1.redhat_00002.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-asyncutil", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:0.1.0-2.redhat_00010.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-aws-java-sdk", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.12.284-2.redhat_00002.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-cryptacular", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.5-2.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-eap-product-conf-parent", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:800.4.0-1.GA_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-fastinfoset", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.1.0-4.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-hibernate", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.2.31-1.Final_redhat_00002.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-hibernate-validator", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:8.0.1-3.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-hppc", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:0.8.1-2.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-insights-java-client", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.1.3-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-jakarta-servlet-jsp-jstl-api", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.0.1-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-jboss-cert-helper", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.1.3-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-jboss-logging", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.5.3-1.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-jctools", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.0.2-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-jgroups", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.10-1.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-log4j", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.22.1-1.redhat_00002.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-narayana", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.0.3-1.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-nimbus-jose-jwt", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:9.37.3-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-objectweb-asm", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:9.6.0-1.redhat_00002.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-pem-keystore", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.3.0-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-resteasy-extensions", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.1-3.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-resteasy-spring", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.0.1-2.Final_redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-saaj-impl", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.0.4-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-shibboleth-java-support", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:8.0.0-6.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-slf4j", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.0.16-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-snakeyaml", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.0-1.redhat_00001.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" ], "defaultStatus": "affected", "packageName": "eap8-wildfly", "product": "Red Hat JBoss Enterprise Application Platform 8.0 for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:8.0.4-2.GA_redhat_00005.1.el9eap", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:build_keycloak:" ], "defaultStatus": "unaffected", "packageName": "wildfly-domain-http", "product": "Red Hat Build of Keycloak", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_data_grid:8" ], "defaultStatus": "unaffected", "packageName": "wildfly-domain-http", "product": "Red Hat Data Grid 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_fuse:7" ], "defaultStatus": "unknown", "packageName": "wildfly-domain-http", "product": "Red Hat Fuse 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "cpes": [ "cpe:/a:redhat:jboss_data_grid:7" ], "defaultStatus": "unknown", "packageName": "wildfly-domain-http", "product": "Red Hat JBoss Data Grid 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html", "cpes": [ "cpe:/a:redhat:jbosseapxp" ], "defaultStatus": "unaffected", "packageName": "wildfly-domain-http", "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:jboss_enterprise_bpms_platform:7" ], "defaultStatus": "unknown", "packageName": "wildfly-domain-http", "product": "Red Hat Process Automation 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:red_hat_single_sign_on:7" ], "defaultStatus": "affected", "packageName": "wildfly-domain-http", "product": "Red Hat Single Sign-On 7", "vendor": "Red Hat" } ], "datePublic": "2024-05-02T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Low" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-24T16:01:07.405Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:8075", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:8075" }, { "name": "RHSA-2024:8076", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:8076" }, { "name": "RHSA-2024:8077", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:8077" }, { "name": "RHSA-2024:8080", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:8080" }, { "name": "RHSA-2024:8823", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:8823" }, { "name": "RHSA-2024:8824", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:8824" }, { "name": "RHSA-2024:8826", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:8826" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-4029" }, { "name": "RHBZ#2278615", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" } ], "timeline": [ { "lang": "en", "time": "2024-04-22T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-05-02T00:00:00+00:00", "value": "Made public." } ], "title": "Wildfly: no timeout for eap management interface may lead to denial of service (dos)", "workarounds": [ { "lang": "en", "value": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available." } ], "x_redhatCweChain": "CWE-770: Allocation of Resources Without Limits or Throttling" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-4029", "datePublished": "2024-05-02T14:55:27.135Z", "dateReserved": "2024-04-22T13:59:47.506Z", "dateUpdated": "2024-11-24T16:01:07.405Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-4029\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2024-05-02T15:15:07.227\",\"lastModified\":\"2024-11-21T09:42:03.370\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad en la interfaz de administraci\u00f3n de Wildfly. Debido a la falta de limitaci\u00f3n de sockets para la interfaz de administraci\u00f3n, es posible que se produzca una denegaci\u00f3n de servicio que alcance el l\u00edmite de nofile ya que no hay posibilidad de configurar o establecer un n\u00famero m\u00e1ximo de conexiones.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8075\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8076\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8077\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8080\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8823\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8824\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2024:8826\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-4029\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2278615\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2024-4029\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2278615\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
rhsa-2024_8823
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2024-12-13 14:17
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:8823", "url": "https://access.redhat.com/errata/RHSA-2024:8823" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/" }, { "category": "external", "summary": "2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "2298829", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829" }, { "category": "external", "summary": "2309764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764" }, { "category": "external", "summary": "2311641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641" }, { "category": "external", "summary": "2312511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511" }, { "category": "external", "summary": "JBEAP-24945", "url": "https://issues.redhat.com/browse/JBEAP-24945" }, { "category": "external", "summary": "JBEAP-25035", "url": "https://issues.redhat.com/browse/JBEAP-25035" }, { "category": "external", "summary": "JBEAP-27002", "url": "https://issues.redhat.com/browse/JBEAP-27002" }, { "category": "external", "summary": "JBEAP-27194", "url": "https://issues.redhat.com/browse/JBEAP-27194" }, { "category": "external", "summary": "JBEAP-27247", "url": "https://issues.redhat.com/browse/JBEAP-27247" }, { "category": "external", "summary": "JBEAP-27276", "url": "https://issues.redhat.com/browse/JBEAP-27276" }, { "category": "external", "summary": "JBEAP-27293", "url": "https://issues.redhat.com/browse/JBEAP-27293" }, { "category": "external", "summary": "JBEAP-27392", "url": "https://issues.redhat.com/browse/JBEAP-27392" }, { "category": "external", "summary": "JBEAP-27543", "url": "https://issues.redhat.com/browse/JBEAP-27543" }, { "category": "external", "summary": "JBEAP-27585", "url": "https://issues.redhat.com/browse/JBEAP-27585" }, { "category": "external", "summary": "JBEAP-27643", "url": "https://issues.redhat.com/browse/JBEAP-27643" }, { "category": "external", "summary": "JBEAP-27659", "url": "https://issues.redhat.com/browse/JBEAP-27659" }, { "category": "external", "summary": "JBEAP-27688", "url": "https://issues.redhat.com/browse/JBEAP-27688" }, { "category": "external", "summary": "JBEAP-27694", "url": "https://issues.redhat.com/browse/JBEAP-27694" }, { "category": "external", "summary": "JBEAP-27957", "url": "https://issues.redhat.com/browse/JBEAP-27957" }, { "category": "external", "summary": "JBEAP-28057", "url": "https://issues.redhat.com/browse/JBEAP-28057" }, { "category": "external", "summary": "JBEAP-28278", "url": "https://issues.redhat.com/browse/JBEAP-28278" }, { "category": "external", "summary": "JBEAP-28289", "url": "https://issues.redhat.com/browse/JBEAP-28289" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8823.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", "tracking": { "current_release_date": "2024-12-13T14:17:02+00:00", "generator": { "date": "2024-12-13T14:17:02+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:8823", "initial_release_date": "2024-11-04T20:13:37+00:00", "revision_history": [ { "date": "2024-11-04T20:13:37+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-11-04T20:13:37+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-13T14:17:02+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 8.0 for RHEL 8", "product": { "name": "Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el8" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "product": { "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "product": { "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "product": { "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "product": { "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "product": { "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "product": { "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "product": { "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "product": { "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "product": { "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "product": { "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "product": { "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "product": { "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "product": { "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "product": { "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "product": { "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "product": { "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "product": { "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "product": { "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "product": { "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "product": { "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "product": { "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "product": { "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "product": { "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "product": { "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "product": { "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "product": { "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product": { "name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "product": { "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product": { "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product": { "name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product": { "name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product": { "name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product": { "name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el8eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "product": { "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64" } } }, { "category": "product_version", "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "product": { "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "product": { "name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el8eap?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src" }, "product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src" }, "product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch" }, "product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src" }, "product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch" }, "product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src" }, "product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch" }, "product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src" }, "product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src" }, "product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64" }, "product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64" }, "product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src" }, "product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch" }, "product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src" }, "product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src" }, "product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src" }, "product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src" }, "product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64" }, "product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src" }, "product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src" }, "product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch" }, "product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" }, "product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src" }, "product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" }, "product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" }, "product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" }, "product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 8", "product_id": "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" }, "product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-8.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "discovery_date": "2022-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2108554" } ], "notes": [ { "category": "description", "text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-34169" }, { "category": "external", "summary": "RHBZ#2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169", "url": "https://www.cve.org/CVERecord?id=CVE-2022-34169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169" } ], "release_date": "2022-07-19T20:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:37+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8823" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)" }, { "cve": "CVE-2023-52428", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-09-04T17:02:58.468000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2309764" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52428" }, { "category": "external", "summary": "RHBZ#2309764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428" } ], "release_date": "2024-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:37+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8823" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service" }, { "cve": "CVE-2024-4029", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-04-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278615" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4029" }, { "category": "external", "summary": "RHBZ#2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4029" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029" } ], "release_date": "2024-05-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:37+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8823" }, { "category": "workaround", "details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", "product_ids": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)" }, { "acknowledgments": [ { "names": [ "Tanner Emek" ] } ], "cve": "CVE-2024-8698", "cwe": { "id": "CWE-347", "name": "Improper Verification of Cryptographic Signature" }, "discovery_date": "2024-09-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2311641" } ], "notes": [ { "category": "description", "text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-8698" }, { "category": "external", "summary": "RHBZ#2311641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8698" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698" } ], "release_date": "2024-09-19T15:12:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:37+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8823" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", "version": "3.1" }, "products": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak" }, { "acknowledgments": [ { "names": [ "Niklas Conrad", "Karsten Meyer zu Selhausen" ] } ], "cve": "CVE-2024-8883", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2024-09-16T06:17:01.573000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2312511" } ], "notes": [ { "category": "description", "text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", "title": "Vulnerability description" }, { "category": "summary", "text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-8883" }, { "category": "external", "summary": "RHBZ#2312511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8883" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", "url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java" } ], "release_date": "2024-09-19T15:13:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:37+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8823" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec" }, { "cve": "CVE-2024-41172", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2024-07-19T09:20:34+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2298829" } ], "notes": [ { "category": "description", "text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-41172" }, { "category": "external", "summary": "RHBZ#2298829", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41172" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", "url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg" }, { "category": "external", "summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", "url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6" }, { "category": "external", "summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", "url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg" } ], "release_date": "2024-07-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:37+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8823" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el8eap.src", "8Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el8eap.src", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch", "8Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el8eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients" } ] }
rhsa-2024_8824
Vulnerability from csaf_redhat
Published
2024-11-04 20:13
Modified
2024-12-13 14:15
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0 for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:8824", "url": "https://access.redhat.com/errata/RHSA-2024:8824" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/", "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/8.0/" }, { "category": "external", "summary": "2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "2298829", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829" }, { "category": "external", "summary": "2309764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764" }, { "category": "external", "summary": "2311641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641" }, { "category": "external", "summary": "2312511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511" }, { "category": "external", "summary": "JBEAP-24945", "url": "https://issues.redhat.com/browse/JBEAP-24945" }, { "category": "external", "summary": "JBEAP-25035", "url": "https://issues.redhat.com/browse/JBEAP-25035" }, { "category": "external", "summary": "JBEAP-27002", "url": "https://issues.redhat.com/browse/JBEAP-27002" }, { "category": "external", "summary": "JBEAP-27194", "url": "https://issues.redhat.com/browse/JBEAP-27194" }, { "category": "external", "summary": "JBEAP-27248", "url": "https://issues.redhat.com/browse/JBEAP-27248" }, { "category": "external", "summary": "JBEAP-27276", "url": "https://issues.redhat.com/browse/JBEAP-27276" }, { "category": "external", "summary": "JBEAP-27293", "url": "https://issues.redhat.com/browse/JBEAP-27293" }, { "category": "external", "summary": "JBEAP-27392", "url": "https://issues.redhat.com/browse/JBEAP-27392" }, { "category": "external", "summary": "JBEAP-27543", "url": "https://issues.redhat.com/browse/JBEAP-27543" }, { "category": "external", "summary": "JBEAP-27585", "url": "https://issues.redhat.com/browse/JBEAP-27585" }, { "category": "external", "summary": "JBEAP-27643", "url": "https://issues.redhat.com/browse/JBEAP-27643" }, { "category": "external", "summary": "JBEAP-27659", "url": "https://issues.redhat.com/browse/JBEAP-27659" }, { "category": "external", "summary": "JBEAP-27688", "url": "https://issues.redhat.com/browse/JBEAP-27688" }, { "category": "external", "summary": "JBEAP-27694", "url": "https://issues.redhat.com/browse/JBEAP-27694" }, { "category": "external", "summary": "JBEAP-27957", "url": "https://issues.redhat.com/browse/JBEAP-27957" }, { "category": "external", "summary": "JBEAP-28057", "url": "https://issues.redhat.com/browse/JBEAP-28057" }, { "category": "external", "summary": "JBEAP-28278", "url": "https://issues.redhat.com/browse/JBEAP-28278" }, { "category": "external", "summary": "JBEAP-28289", "url": "https://issues.redhat.com/browse/JBEAP-28289" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8824.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", "tracking": { "current_release_date": "2024-12-13T14:15:19+00:00", "generator": { "date": "2024-12-13T14:15:19+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:8824", "initial_release_date": "2024-11-04T20:13:24+00:00", "revision_history": [ { "date": "2024-11-04T20:13:24+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-11-04T20:13:24+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-13T14:15:19+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 8.0 for RHEL 9", "product": { "name": "Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0::el9" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "product": { "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "product": { "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "product": { "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "product": { "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "product": { "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "product": { "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "product": { "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "product": { "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "product": { "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "product": { "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "product": { "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "product": { "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "product": { "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "product": { "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "product": { "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "product": { "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "product": { "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "product": { "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "product": { "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "product": { "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "product": { "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-pem-keystore@2.3.0-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "product_id": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "product_id": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate-core@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "product_id": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate-envers@6.2.31-1.Final_redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jboss-logging@3.5.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-io@2.15.1-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-snakeyaml@2.2.0-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "product_id": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-objectweb-asm@9.6.0-1.redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "product_id": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-objectweb-asm-util@9.6.0-1.redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "product_id": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aesh-extensions@1.8.0-2.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-nimbus-jose-jwt@9.37.3-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "product_id": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aesh-readline@2.2.0-2.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jctools@4.0.2-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jctools-core@4.0.2-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "product_id": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-fastinfoset@2.1.0-4.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-resteasy-spring@3.0.1-2.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-cxf@4.0.5-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-cxf-rt@4.0.5-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-cxf-services@4.0.5-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-cxf-tools@4.0.5-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=noarch\u0026epoch=1" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-cli@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-commons@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-core-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-dto@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-hornetq-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-hqclient-protocol@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-client@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-ra@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-jakarta-service-extensions@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-jdbc-store@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-journal@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-selector@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product": { "name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_id": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-activemq-artemis-server@2.33.0-1.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "product_id": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-eap-product-conf-parent@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "product_id": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-eap-product-conf-wildfly-ee-feature-pack@800.4.0-1.GA_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl@3.0.1-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jakarta-servlet-jsp-jstl-api@3.0.1-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-jbosstxbridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-jbossxts@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-jts-idlj@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-jts-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-restat-api@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-restat-bridge@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-restat-integration@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-narayana-restat-util@6.0.3-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jgroups@5.3.10-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "product": { "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "product_id": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-codec@1.16.1-2.redhat_00007.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-saaj-impl@3.0.4-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-slf4j@2.0.16-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "product_id": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-slf4j-api@2.0.16-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "product": { "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "product_id": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-lang@3.14.0-2.redhat_00006.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "product_id": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-log4j@2.22.1-1.redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "product_id": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-artemis-wildfly-integration@2.0.1-1.redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "product": { "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "product_id": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-asyncutil@0.1.0-2.redhat_00010.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "product": { "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "product_id": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-apache-commons-collections@3.2.2-28.redhat_2.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "product_id": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hppc@0.8.1-2.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product_id": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aws-java-sdk@1.12.284-2.redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product_id": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aws-java-sdk-core@1.12.284-2.redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product_id": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aws-java-sdk-kms@1.12.284-2.redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product_id": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-aws-java-sdk-s3@1.12.284-2.redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product": { "name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product_id": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jmespath-java@1.12.284-2.redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-resteasy-extensions@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-resteasy-tracing-api@2.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "product_id": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-cryptacular@1.2.5-2.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate-validator@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-hibernate-validator-cdi@8.0.1-3.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "product": { "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "product_id": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-shibboleth-java-support@8.0.0-6.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product": { "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product_id": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product": { "name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product_id": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk11@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product": { "name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product_id": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk17@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product": { "name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product_id": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly-java-jdk21@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product": { "name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product_id": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-wildfly-modules@8.0.4-2.GA_redhat_00005.1.el9eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "product": { "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "product_id": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64" } } }, { "category": "product_version", "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "product": { "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "product_id": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-artemis-native@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "product": { "name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "product_id": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap8-artemis-native-wildfly@2.0.0-2.redhat_00005.1.el9eap?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src" }, "product_reference": "eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src" }, "product_reference": "eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch" }, "product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src" }, "product_reference": "eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch" }, "product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src" }, "product_reference": "eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch" }, "product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src" }, "product_reference": "eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src" }, "product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64" }, "product_reference": "eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64" }, "product_reference": "eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src" }, "product_reference": "eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch" }, "product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src" }, "product_reference": "eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src" }, "product_reference": "eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src" }, "product_reference": "eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src" }, "product_reference": "eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64" }, "product_reference": "eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src" }, "product_reference": "eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src" }, "product_reference": "eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch" }, "product_reference": "eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" }, "product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src" }, "product_reference": "eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" }, "product_reference": "eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" }, "product_reference": "eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" }, "product_reference": "eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" }, { "category": "default_component_of", "full_product_name": { "name": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch as a component of Red Hat JBoss EAP 8.0 for RHEL 9", "product_id": "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" }, "product_reference": "eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-8.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "discovery_date": "2022-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2108554" } ], "notes": [ { "category": "description", "text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-34169" }, { "category": "external", "summary": "RHBZ#2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169", "url": "https://www.cve.org/CVERecord?id=CVE-2022-34169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169" } ], "release_date": "2022-07-19T20:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:24+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8824" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)" }, { "cve": "CVE-2023-52428", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-09-04T17:02:58.468000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2309764" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52428" }, { "category": "external", "summary": "RHBZ#2309764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428" } ], "release_date": "2024-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:24+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8824" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service" }, { "cve": "CVE-2024-4029", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-04-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278615" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4029" }, { "category": "external", "summary": "RHBZ#2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4029" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029" } ], "release_date": "2024-05-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:24+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8824" }, { "category": "workaround", "details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", "product_ids": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)" }, { "acknowledgments": [ { "names": [ "Tanner Emek" ] } ], "cve": "CVE-2024-8698", "cwe": { "id": "CWE-347", "name": "Improper Verification of Cryptographic Signature" }, "discovery_date": "2024-09-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2311641" } ], "notes": [ { "category": "description", "text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-8698" }, { "category": "external", "summary": "RHBZ#2311641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8698" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698" } ], "release_date": "2024-09-19T15:12:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:24+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8824" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", "version": "3.1" }, "products": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak" }, { "acknowledgments": [ { "names": [ "Niklas Conrad", "Karsten Meyer zu Selhausen" ] } ], "cve": "CVE-2024-8883", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2024-09-16T06:17:01.573000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2312511" } ], "notes": [ { "category": "description", "text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", "title": "Vulnerability description" }, { "category": "summary", "text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-8883" }, { "category": "external", "summary": "RHBZ#2312511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8883" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", "url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java" } ], "release_date": "2024-09-19T15:13:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:24+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8824" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec" }, { "cve": "CVE-2024-41172", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2024-07-19T09:20:34+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2298829" } ], "notes": [ { "category": "description", "text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-41172" }, { "category": "external", "summary": "RHBZ#2298829", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41172" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", "url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg" }, { "category": "external", "summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", "url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6" }, { "category": "external", "summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", "url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg" } ], "release_date": "2024-07-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:13:24+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8824" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-0:2.33.0-1.redhat_00015.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-cli-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-commons-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-core-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-dto-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hornetq-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-hqclient-protocol-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-client-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-ra-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jakarta-service-extensions-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-jdbc-store-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-journal-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-activemq-artemis-selector-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-activemq-artemis-server-0:2.33.0-1.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-extensions-0:1.8.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aesh-readline-0:2.2.0-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-codec-0:1.16.1-2.redhat_00007.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-collections-0:3.2.2-28.redhat_2.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-io-0:2.15.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-commons-lang-0:3.14.0-2.redhat_00006.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-0:4.0.5-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-apache-cxf-rt-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-services-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-apache-cxf-tools-0:4.0.5-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-artemis-native-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-native-wildfly-1:2.0.0-2.redhat_00005.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-artemis-wildfly-integration-0:2.0.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-asyncutil-0:0.1.0-2.redhat_00010.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-0:1.12.284-2.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-aws-java-sdk-core-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-kms-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-aws-java-sdk-s3-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-cryptacular-0:1.2.5-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-eap-product-conf-parent-0:800.4.0-1.GA_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-eap-product-conf-wildfly-ee-feature-pack-0:800.4.0-1.GA_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-fastinfoset-0:2.1.0-4.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-0:6.2.31-1.Final_redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-core-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-envers-0:6.2.31-1.Final_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hibernate-validator-0:8.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-hibernate-validator-cdi-0:8.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-hppc-0:0.8.1-2.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jakarta-servlet-jsp-jstl-api-0:3.0.1-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jboss-logging-0:3.5.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jctools-0:4.0.2-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jctools-core-0:4.0.2-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-jgroups-0:5.3.10-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-jmespath-java-0:1.12.284-2.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-log4j-0:2.22.1-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-0:6.0.3-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-narayana-jbosstxbridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jbossxts-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-idlj-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-jts-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-api-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-bridge-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-integration-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-narayana-restat-util-0:6.0.3-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-nimbus-jose-jwt-0:9.37.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-objectweb-asm-0:9.6.0-1.redhat_00002.1.el9eap.src", "9Base-JBEAP-8.0:eap8-objectweb-asm-util-0:9.6.0-1.redhat_00002.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-pem-keystore-0:2.3.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-extensions-0:2.0.1-3.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-resteasy-spring-0:3.0.1-2.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-resteasy-tracing-api-0:2.0.1-3.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-saaj-impl-0:3.0.4-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-shibboleth-java-support-0:8.0.0-6.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-slf4j-0:2.0.16-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-slf4j-api-0:2.0.16-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-snakeyaml-0:2.2.0-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-0:8.0.4-2.GA_redhat_00005.1.el9eap.src", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk11-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk17-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-java-jdk21-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch", "9Base-JBEAP-8.0:eap8-wildfly-modules-0:8.0.4-2.GA_redhat_00005.1.el9eap.noarch" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients" } ] }
rhsa-2024_8826
Vulnerability from csaf_redhat
Published
2024-11-04 20:56
Modified
2024-12-13 14:15
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update
Notes
Topic
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated
this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)
* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)
* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)
* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)
* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated\nthis update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 8.0.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 8.0.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 8.0.4 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* org.apache.cxf/cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients [eap-8.0.z] (CVE-2024-41172)\n\n* com.nimbusds/nimbus-jose-jwt: large JWE p2c header value causes Denial of Service [eap-8.0.z] (CVE-2023-52428)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-8.0.z] (CVE-2024-4029)\n\n* xalan: OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-8.0.z] (CVE-2022-34169)\n\n* org.keycloak/keycloak-services: Vulnerable Redirect URI Validation Results in Open Redirec [eap-8.0.z] (CVE-2024-8883)\n\n* org.keycloak/keycloak-saml-core-public: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\n* org.keycloak/keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak [eap-8.0.z] (CVE-2024-8698)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:8826", "url": "https://access.redhat.com/errata/RHSA-2024:8826" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/8.0" }, { "category": "external", "summary": "2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "2298829", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829" }, { "category": "external", "summary": "2309764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764" }, { "category": "external", "summary": "2311641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641" }, { "category": "external", "summary": "2312511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511" }, { "category": "external", "summary": "JBEAP-24945", "url": "https://issues.redhat.com/browse/JBEAP-24945" }, { "category": "external", "summary": "JBEAP-25035", "url": "https://issues.redhat.com/browse/JBEAP-25035" }, { "category": "external", "summary": "JBEAP-27002", "url": "https://issues.redhat.com/browse/JBEAP-27002" }, { "category": "external", "summary": "JBEAP-27194", "url": "https://issues.redhat.com/browse/JBEAP-27194" }, { "category": "external", "summary": "JBEAP-27276", "url": "https://issues.redhat.com/browse/JBEAP-27276" }, { "category": "external", "summary": "JBEAP-27293", "url": "https://issues.redhat.com/browse/JBEAP-27293" }, { "category": "external", "summary": "JBEAP-27392", "url": "https://issues.redhat.com/browse/JBEAP-27392" }, { "category": "external", "summary": "JBEAP-27543", "url": "https://issues.redhat.com/browse/JBEAP-27543" }, { "category": "external", "summary": "JBEAP-27585", "url": "https://issues.redhat.com/browse/JBEAP-27585" }, { "category": "external", "summary": "JBEAP-27643", "url": "https://issues.redhat.com/browse/JBEAP-27643" }, { "category": "external", "summary": "JBEAP-27659", "url": "https://issues.redhat.com/browse/JBEAP-27659" }, { "category": "external", "summary": "JBEAP-27688", "url": "https://issues.redhat.com/browse/JBEAP-27688" }, { "category": "external", "summary": "JBEAP-27694", "url": "https://issues.redhat.com/browse/JBEAP-27694" }, { "category": "external", "summary": "JBEAP-27957", "url": "https://issues.redhat.com/browse/JBEAP-27957" }, { "category": "external", "summary": "JBEAP-28057", "url": "https://issues.redhat.com/browse/JBEAP-28057" }, { "category": "external", "summary": "JBEAP-28278", "url": "https://issues.redhat.com/browse/JBEAP-28278" }, { "category": "external", "summary": "JBEAP-28289", "url": "https://issues.redhat.com/browse/JBEAP-28289" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8826.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.4 Security update", "tracking": { "current_release_date": "2024-12-13T14:15:31+00:00", "generator": { "date": "2024-12-13T14:15:31+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:8826", "initial_release_date": "2024-11-04T20:56:02+00:00", "revision_history": [ { "date": "2024-11-04T20:56:02+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-11-04T20:56:02+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-13T14:15:31+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 8", "product": { "name": "Red Hat JBoss Enterprise Application Platform 8", "product_id": "Red Hat JBoss Enterprise Application Platform 8", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:8.0" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "discovery_date": "2022-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2108554" } ], "notes": [ { "category": "description", "text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-34169" }, { "category": "external", "summary": "RHBZ#2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169", "url": "https://www.cve.org/CVERecord?id=CVE-2022-34169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169" } ], "release_date": "2022-07-19T20:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:56:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8826" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 8" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)" }, { "cve": "CVE-2023-52428", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-09-04T17:02:58.468000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2309764" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Nimbus Jose JWT package. This issue could allow an attacker to use a malicious large JWE p2c header value for PasswordBasedDecrypter and cause a Denial of Service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-52428" }, { "category": "external", "summary": "RHBZ#2309764", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309764" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-52428", "url": "https://www.cve.org/CVERecord?id=CVE-2023-52428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52428" } ], "release_date": "2024-02-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:56:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8826" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 8" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "nimbus-jose-jwt: large JWE p2c header value causes Denial of Service" }, { "cve": "CVE-2024-4029", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-04-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278615" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4029" }, { "category": "external", "summary": "RHBZ#2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4029" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029" } ], "release_date": "2024-05-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:56:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8826" }, { "category": "workaround", "details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 8" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 8" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)" }, { "acknowledgments": [ { "names": [ "Tanner Emek" ] } ], "cve": "CVE-2024-8698", "cwe": { "id": "CWE-347", "name": "Improper Verification of Cryptographic Signature" }, "discovery_date": "2024-09-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2311641" } ], "notes": [ { "category": "description", "text": "A flaw exists in the SAML signature validation method within the Keycloak XMLSignatureUtil class. The method incorrectly determines whether a SAML signature is for the full document or only for specific assertions based on the position of the signature in the XML document, rather than the Reference element used to specify the signed element. This flaw allows attackers to create crafted responses that can bypass the validation, potentially leading to privilege escalation or impersonation attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is of high severity due to its potential to facilitate privilege escalation and user impersonation in systems using SAML for authentication. The core issue stems from improper validation logic in Keycloak\u0027s signature validation method, which relies on the position of signatures rather than explicitly checking the referenced elements. By manipulating the XML structure, an attacker can bypass signature validation and inject an unsigned assertion while retaining a valid signed one. This allows unauthorized access to high-privileged accounts, leading to significant security risks in SAML-based identity providers and service providers.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-8698" }, { "category": "external", "summary": "RHBZ#2311641", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311641" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-8698", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8698" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8698" } ], "release_date": "2024-09-19T15:12:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:56:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8826" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 8" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 8" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "keycloak-saml-core: Improper Verification of SAML Responses Leading to Privilege Escalation in Keycloak" }, { "acknowledgments": [ { "names": [ "Niklas Conrad", "Karsten Meyer zu Selhausen" ] } ], "cve": "CVE-2024-8883", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2024-09-16T06:17:01.573000+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2312511" } ], "notes": [ { "category": "description", "text": "A misconfiguration flaw was found in Keycloak. This issue can allow an attacker to redirect users to an arbitrary URL if a \u0027Valid Redirect URI\u0027 is set to http://localhost or http://127.0.0.1, enabling sensitive information such as authorization codes to be exposed to the attacker, potentially leading to session hijacking.", "title": "Vulnerability description" }, { "category": "summary", "text": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-8883" }, { "category": "external", "summary": "RHBZ#2312511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312511" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-8883", "url": "https://www.cve.org/CVERecord?id=CVE-2024-8883" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8883" }, { "category": "external", "summary": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java", "url": "https://github.com/keycloak/keycloak/blob/main/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java" } ], "release_date": "2024-09-19T15:13:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:56:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8826" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 8" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 8" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Keycloak: Vulnerable Redirect URI Validation Results in Open Redirec" }, { "cve": "CVE-2024-41172", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "discovery_date": "2024-07-19T09:20:34+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2298829" } ], "notes": [ { "category": "description", "text": "A memory consumption flaw was found in Apache CXF. This issue may allow a CXF HTTP client conduit to prevent HTTPClient instances from being garbage collected, eventually causing the application to run out of memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 8" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-41172" }, { "category": "external", "summary": "RHBZ#2298829", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2298829" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-41172", "url": "https://www.cve.org/CVERecord?id=CVE-2024-41172" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41172" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg", "url": "https://github.com/advisories/GHSA-4mgg-fqfq-64hg" }, { "category": "external", "summary": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6", "url": "https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6" }, { "category": "external", "summary": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg", "url": "https://osv.dev/vulnerability/GHSA-4mgg-fqfq-64hg" } ], "release_date": "2024-07-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-11-04T20:56:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 8" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8826" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 8" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "apache: cxf: org.apache.cxf:cxf-rt-transports-http: unrestricted memory consumption in CXF HTTP clients" } ] }
rhsa-2024_8080
Vulnerability from csaf_redhat
Published
2024-10-14 18:07
Modified
2024-12-17 21:03
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:8080", "url": "https://access.redhat.com/errata/RHSA-2024:8080" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index" }, { "category": "external", "summary": "2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "2127078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078" }, { "category": "external", "summary": "2266921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921" }, { "category": "external", "summary": "2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "2280600", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600" }, { "category": "external", "summary": "JBEAP-27357", "url": "https://issues.redhat.com/browse/JBEAP-27357" }, { "category": "external", "summary": "JBEAP-27548", "url": "https://issues.redhat.com/browse/JBEAP-27548" }, { "category": "external", "summary": "JBEAP-27613", "url": "https://issues.redhat.com/browse/JBEAP-27613" }, { "category": "external", "summary": "JBEAP-27658", "url": "https://issues.redhat.com/browse/JBEAP-27658" }, { "category": "external", "summary": "JBEAP-27700", "url": "https://issues.redhat.com/browse/JBEAP-27700" }, { "category": "external", "summary": "JBEAP-27701", "url": "https://issues.redhat.com/browse/JBEAP-27701" }, { "category": "external", "summary": "JBEAP-27713", "url": "https://issues.redhat.com/browse/JBEAP-27713" }, { "category": "external", "summary": "JBEAP-27714", "url": "https://issues.redhat.com/browse/JBEAP-27714" }, { "category": "external", "summary": "JBEAP-27715", "url": "https://issues.redhat.com/browse/JBEAP-27715" }, { "category": "external", "summary": "JBEAP-27746", "url": "https://issues.redhat.com/browse/JBEAP-27746" }, { "category": "external", "summary": "JBEAP-27747", "url": "https://issues.redhat.com/browse/JBEAP-27747" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8080.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update", "tracking": { "current_release_date": "2024-12-17T21:03:32+00:00", "generator": { "date": "2024-12-17T21:03:32+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:8080", "initial_release_date": "2024-10-14T18:07:02+00:00", "revision_history": [ { "date": "2024-10-14T18:07:02+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-14T18:07:02+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T21:03:32+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Enterprise Application Platform 7", "product": { "name": "Red Hat JBoss Enterprise Application Platform 7", "product_id": "Red Hat JBoss Enterprise Application Platform 7", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "discovery_date": "2022-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2108554" } ], "notes": [ { "category": "description", "text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-34169" }, { "category": "external", "summary": "RHBZ#2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169", "url": "https://www.cve.org/CVERecord?id=CVE-2022-34169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169" } ], "release_date": "2022-07-19T20:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:07:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8080" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)" }, { "cve": "CVE-2022-36033", "cwe": { "id": "CWE-87", "name": "Improper Neutralization of Alternate XSS Syntax" }, "discovery_date": "2022-09-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2127078" } ], "notes": [ { "category": "description", "text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-36033" }, { "category": "external", "summary": "RHBZ#2127078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033", "url": "https://www.cve.org/CVERecord?id=CVE-2022-36033" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033" } ], "release_date": "2022-08-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:07:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8080" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled" }, { "cve": "CVE-2023-51775", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266921" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jose4j: denial of service via specially crafted JWE", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51775" }, { "category": "external", "summary": "RHBZ#2266921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51775" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:07:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8080" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jose4j: denial of service via specially crafted JWE" }, { "cve": "CVE-2024-4029", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-04-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278615" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4029" }, { "category": "external", "summary": "RHBZ#2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4029" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029" } ], "release_date": "2024-05-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:07:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8080" }, { "category": "workaround", "details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)" }, { "cve": "CVE-2024-4068", "cwe": { "id": "CWE-1050", "name": "Excessive Platform Resource Consumption within a Loop" }, "discovery_date": "2024-05-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2280600" } ], "notes": [ { "category": "description", "text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "braces: fails to limit the number of characters it can handle", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Enterprise Application Platform 7" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4068" }, { "category": "external", "summary": "RHBZ#2280600", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4068" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068" }, { "category": "external", "summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/", "url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/" }, { "category": "external", "summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308", "url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308" }, { "category": "external", "summary": "https://github.com/micromatch/braces/issues/35", "url": "https://github.com/micromatch/braces/issues/35" } ], "release_date": "2024-03-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:07:02+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8080" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Enterprise Application Platform 7" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "braces: fails to limit the number of characters it can handle" } ] }
rhsa-2024_8075
Vulnerability from csaf_redhat
Published
2024-10-14 18:01
Modified
2024-12-17 21:03
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:8075", "url": "https://access.redhat.com/errata/RHSA-2024:8075" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index" }, { "category": "external", "summary": "2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "2127078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078" }, { "category": "external", "summary": "2266921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921" }, { "category": "external", "summary": "2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "2280600", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600" }, { "category": "external", "summary": "JBEAP-27049", "url": "https://issues.redhat.com/browse/JBEAP-27049" }, { "category": "external", "summary": "JBEAP-27357", "url": "https://issues.redhat.com/browse/JBEAP-27357" }, { "category": "external", "summary": "JBEAP-27548", "url": "https://issues.redhat.com/browse/JBEAP-27548" }, { "category": "external", "summary": "JBEAP-27613", "url": "https://issues.redhat.com/browse/JBEAP-27613" }, { "category": "external", "summary": "JBEAP-27658", "url": "https://issues.redhat.com/browse/JBEAP-27658" }, { "category": "external", "summary": "JBEAP-27700", "url": "https://issues.redhat.com/browse/JBEAP-27700" }, { "category": "external", "summary": "JBEAP-27701", "url": "https://issues.redhat.com/browse/JBEAP-27701" }, { "category": "external", "summary": "JBEAP-27713", "url": "https://issues.redhat.com/browse/JBEAP-27713" }, { "category": "external", "summary": "JBEAP-27714", "url": "https://issues.redhat.com/browse/JBEAP-27714" }, { "category": "external", "summary": "JBEAP-27715", "url": "https://issues.redhat.com/browse/JBEAP-27715" }, { "category": "external", "summary": "JBEAP-27746", "url": "https://issues.redhat.com/browse/JBEAP-27746" }, { "category": "external", "summary": "JBEAP-27747", "url": "https://issues.redhat.com/browse/JBEAP-27747" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8075.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update", "tracking": { "current_release_date": "2024-12-17T21:03:11+00:00", "generator": { "date": "2024-12-17T21:03:11+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:8075", "initial_release_date": "2024-10-14T18:01:59+00:00", "revision_history": [ { "date": "2024-10-14T18:01:59+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-14T18:01:59+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T21:03:11+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product": { "name": "Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el7" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "product": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src", "product": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src", "product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "product": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "product": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "product": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el7eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "product": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el7eap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-2.SP1_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "product": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.18-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "product": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "product": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-39.Final_redhat_00039.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-39.Final_redhat_00039.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product_id": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product_id": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product_id": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.19-1.GA_redhat_00002.1.el7eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "product": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el7eap?arch=x86_64" } } }, { "category": "product_version", "name": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "product": { "name": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "product_id": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-cert-helper-debuginfo@1.1.3-1.redhat_00001.1.el7eap?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64" }, "product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64" }, "product_reference": "eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch" }, "product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src" }, "product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch" }, "product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src" }, "product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src" }, "product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch" }, "product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "relates_to_product_reference": "7Server-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 7 Server", "product_id": "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" }, "product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src", "relates_to_product_reference": "7Server-JBEAP-7.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "discovery_date": "2022-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2108554" } ], "notes": [ { "category": "description", "text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-34169" }, { "category": "external", "summary": "RHBZ#2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169", "url": "https://www.cve.org/CVERecord?id=CVE-2022-34169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169" } ], "release_date": "2022-07-19T20:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:59+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8075" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)" }, { "cve": "CVE-2022-36033", "cwe": { "id": "CWE-87", "name": "Improper Neutralization of Alternate XSS Syntax" }, "discovery_date": "2022-09-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2127078" } ], "notes": [ { "category": "description", "text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-36033" }, { "category": "external", "summary": "RHBZ#2127078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033", "url": "https://www.cve.org/CVERecord?id=CVE-2022-36033" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033" } ], "release_date": "2022-08-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:59+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8075" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled" }, { "cve": "CVE-2023-51775", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266921" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jose4j: denial of service via specially crafted JWE", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51775" }, { "category": "external", "summary": "RHBZ#2266921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51775" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:59+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8075" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jose4j: denial of service via specially crafted JWE" }, { "cve": "CVE-2024-4029", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-04-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278615" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4029" }, { "category": "external", "summary": "RHBZ#2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4029" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029" } ], "release_date": "2024-05-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:59+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8075" }, { "category": "workaround", "details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)" }, { "cve": "CVE-2024-4068", "cwe": { "id": "CWE-1050", "name": "Excessive Platform Resource Consumption within a Loop" }, "discovery_date": "2024-05-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2280600" } ], "notes": [ { "category": "description", "text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "braces: fails to limit the number of characters it can handle", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4068" }, { "category": "external", "summary": "RHBZ#2280600", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4068" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068" }, { "category": "external", "summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/", "url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/" }, { "category": "external", "summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308", "url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308" }, { "category": "external", "summary": "https://github.com/micromatch/braces/issues/35", "url": "https://github.com/micromatch/braces/issues/35" } ], "release_date": "2024-03-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:59+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8075" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-cert-helper-debuginfo-0:1.1.3-1.redhat_00001.1.el7eap.x86_64", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el7eap.src", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el7eap.src", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.noarch", "7Server-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el7eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "braces: fails to limit the number of characters it can handle" } ] }
rhsa-2024_8076
Vulnerability from csaf_redhat
Published
2024-10-14 18:01
Modified
2024-12-17 21:03
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:8076", "url": "https://access.redhat.com/errata/RHSA-2024:8076" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index" }, { "category": "external", "summary": "2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "2127078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078" }, { "category": "external", "summary": "2266921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921" }, { "category": "external", "summary": "2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "2280600", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600" }, { "category": "external", "summary": "JBEAP-27050", "url": "https://issues.redhat.com/browse/JBEAP-27050" }, { "category": "external", "summary": "JBEAP-27357", "url": "https://issues.redhat.com/browse/JBEAP-27357" }, { "category": "external", "summary": "JBEAP-27548", "url": "https://issues.redhat.com/browse/JBEAP-27548" }, { "category": "external", "summary": "JBEAP-27613", "url": "https://issues.redhat.com/browse/JBEAP-27613" }, { "category": "external", "summary": "JBEAP-27658", "url": "https://issues.redhat.com/browse/JBEAP-27658" }, { "category": "external", "summary": "JBEAP-27700", "url": "https://issues.redhat.com/browse/JBEAP-27700" }, { "category": "external", "summary": "JBEAP-27701", "url": "https://issues.redhat.com/browse/JBEAP-27701" }, { "category": "external", "summary": "JBEAP-27713", "url": "https://issues.redhat.com/browse/JBEAP-27713" }, { "category": "external", "summary": "JBEAP-27714", "url": "https://issues.redhat.com/browse/JBEAP-27714" }, { "category": "external", "summary": "JBEAP-27715", "url": "https://issues.redhat.com/browse/JBEAP-27715" }, { "category": "external", "summary": "JBEAP-27746", "url": "https://issues.redhat.com/browse/JBEAP-27746" }, { "category": "external", "summary": "JBEAP-27747", "url": "https://issues.redhat.com/browse/JBEAP-27747" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8076.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update", "tracking": { "current_release_date": "2024-12-17T21:03:01+00:00", "generator": { "date": "2024-12-17T21:03:01+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:8076", "initial_release_date": "2024-10-14T18:01:49+00:00", "revision_history": [ { "date": "2024-10-14T18:01:49+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-14T18:01:49+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T21:03:01+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.4 for RHEL 8", "product": { "name": "Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el8" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src", "product": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src", "product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "product": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "product": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "product": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el8eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "product": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el8eap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "product": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "product": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.18-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "product_id": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-2.SP1_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "product": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-39.Final_redhat_00039.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-39.Final_redhat_00039.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_id": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_id": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_id": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_id": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.19-1.GA_redhat_00002.1.el8eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "product": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el8eap?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64" }, "product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch" }, "product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src" }, "product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch" }, "product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src" }, "product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src" }, "product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch" }, "product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "relates_to_product_reference": "8Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 8", "product_id": "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" }, "product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src", "relates_to_product_reference": "8Base-JBEAP-7.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "discovery_date": "2022-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2108554" } ], "notes": [ { "category": "description", "text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-34169" }, { "category": "external", "summary": "RHBZ#2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169", "url": "https://www.cve.org/CVERecord?id=CVE-2022-34169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169" } ], "release_date": "2022-07-19T20:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:49+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8076" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)" }, { "cve": "CVE-2022-36033", "cwe": { "id": "CWE-87", "name": "Improper Neutralization of Alternate XSS Syntax" }, "discovery_date": "2022-09-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2127078" } ], "notes": [ { "category": "description", "text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-36033" }, { "category": "external", "summary": "RHBZ#2127078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033", "url": "https://www.cve.org/CVERecord?id=CVE-2022-36033" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033" } ], "release_date": "2022-08-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:49+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8076" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled" }, { "cve": "CVE-2023-51775", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266921" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jose4j: denial of service via specially crafted JWE", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51775" }, { "category": "external", "summary": "RHBZ#2266921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51775" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:49+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8076" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jose4j: denial of service via specially crafted JWE" }, { "cve": "CVE-2024-4029", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-04-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278615" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4029" }, { "category": "external", "summary": "RHBZ#2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4029" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029" } ], "release_date": "2024-05-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:49+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8076" }, { "category": "workaround", "details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)" }, { "cve": "CVE-2024-4068", "cwe": { "id": "CWE-1050", "name": "Excessive Platform Resource Consumption within a Loop" }, "discovery_date": "2024-05-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2280600" } ], "notes": [ { "category": "description", "text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "braces: fails to limit the number of characters it can handle", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4068" }, { "category": "external", "summary": "RHBZ#2280600", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4068" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068" }, { "category": "external", "summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/", "url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/" }, { "category": "external", "summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308", "url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308" }, { "category": "external", "summary": "https://github.com/micromatch/braces/issues/35", "url": "https://github.com/micromatch/braces/issues/35" } ], "release_date": "2024-03-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:49+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8076" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el8eap.x86_64", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el8eap.src", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el8eap.src", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.noarch", "8Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el8eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "braces: fails to limit the number of characters it can handle" } ] }
rhsa-2024_8077
Vulnerability from csaf_redhat
Published
2024-10-14 18:01
Modified
2024-12-17 21:03
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)
* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)
* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)
* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)
* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 9.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.18, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.19 Release Notes for information about the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* braces: fails to limit the number of characters it can handle [eap-7.4.z] (CVE-2024-4068)\n\n* jose4j: denial of service via specially crafted JWE [eap-7.4.z] (CVE-2023-51775)\n\n* wildfly-domain-http: wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS) [eap-7.4.z] (CVE-2024-4029)\n\n* xalan: integer truncation issue in Xalan-J (JAXP, 8285407) [eap-7.4.z] (CVE-2022-34169)\n\n* org.jsoup/jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled [eap-7.4.z] (CVE-2022-36033)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:8077", "url": "https://access.redhat.com/errata/RHSA-2024:8077" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4" }, { "category": "external", "summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index", "url": "https://docs.redhat.com/en/documentation/red_hat_jboss_enterprise_application_platform/7.4/html-single/installation_guide/index" }, { "category": "external", "summary": "2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "2127078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078" }, { "category": "external", "summary": "2266921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921" }, { "category": "external", "summary": "2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "2280600", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600" }, { "category": "external", "summary": "JBEAP-27051", "url": "https://issues.redhat.com/browse/JBEAP-27051" }, { "category": "external", "summary": "JBEAP-27357", "url": "https://issues.redhat.com/browse/JBEAP-27357" }, { "category": "external", "summary": "JBEAP-27548", "url": "https://issues.redhat.com/browse/JBEAP-27548" }, { "category": "external", "summary": "JBEAP-27613", "url": "https://issues.redhat.com/browse/JBEAP-27613" }, { "category": "external", "summary": "JBEAP-27658", "url": "https://issues.redhat.com/browse/JBEAP-27658" }, { "category": "external", "summary": "JBEAP-27700", "url": "https://issues.redhat.com/browse/JBEAP-27700" }, { "category": "external", "summary": "JBEAP-27701", "url": "https://issues.redhat.com/browse/JBEAP-27701" }, { "category": "external", "summary": "JBEAP-27713", "url": "https://issues.redhat.com/browse/JBEAP-27713" }, { "category": "external", "summary": "JBEAP-27714", "url": "https://issues.redhat.com/browse/JBEAP-27714" }, { "category": "external", "summary": "JBEAP-27715", "url": "https://issues.redhat.com/browse/JBEAP-27715" }, { "category": "external", "summary": "JBEAP-27746", "url": "https://issues.redhat.com/browse/JBEAP-27746" }, { "category": "external", "summary": "JBEAP-27747", "url": "https://issues.redhat.com/browse/JBEAP-27747" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8077.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.19 Security update", "tracking": { "current_release_date": "2024-12-17T21:03:21+00:00", "generator": { "date": "2024-12-17T21:03:21+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:8077", "initial_release_date": "2024-10-14T18:01:43+00:00", "revision_history": [ { "date": "2024-10-14T18:01:43+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-10-14T18:01:43+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T21:03:21+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss EAP 7.4 for RHEL 9", "product": { "name": "Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.4::el9" } } } ], "category": "product_family", "name": "Red Hat JBoss Enterprise Application Platform" }, { "branches": [ { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src", "product": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src", "product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "product": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "product": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "product": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "product": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "product": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el9eap?arch=src" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "product": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el9eap?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.15-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hal-console@3.3.24-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "product": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "product_id": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-xalan-j2@2.7.1-37.redhat_00015.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "product": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "product_id": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jsoup@1.15.4-1.redhat_00003.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "product_id": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator@6.0.23-2.SP1_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "product_id": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-hibernate-validator-cdi@6.0.23-2.SP1_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.55-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jbossws-cxf@5.4.12-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_id": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.5.18-1.Final_redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "product": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "product_id": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-insights-java-client@1.1.3-1.redhat_00001.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "product": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "product_id": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.10.0-39.Final_redhat_00039.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "product": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "product_id": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.10.0-39.Final_redhat_00039.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "product": { "name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "product_id": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.10.0-39.Final_redhat_00039.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_id": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product": { "name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_id": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product": { "name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_id": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk17@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product": { "name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_id": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product": { "name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_id": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch" } } }, { "category": "product_version", "name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product": { "name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_id": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.4.19-1.GA_redhat_00002.1.el9eap?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "product": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "product_id": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/eap7-jboss-cert-helper@1.1.3-1.redhat_00001.1.el9eap?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src" }, "product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64 as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64" }, "product_reference": "eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src" }, "product_reference": "eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch" }, "product_reference": "eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch" }, "product_reference": "eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch" }, "product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src" }, "product_reference": "eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch" }, "product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src" }, "product_reference": "eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src" }, "product_reference": "eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch" }, "product_reference": "eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch" }, "product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "relates_to_product_reference": "9Base-JBEAP-7.4" }, { "category": "default_component_of", "full_product_name": { "name": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src as a component of Red Hat JBoss EAP 7.4 for RHEL 9", "product_id": "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" }, "product_reference": "eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src", "relates_to_product_reference": "9Base-JBEAP-7.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-34169", "cwe": { "id": "CWE-192", "name": "Integer Coercion Error" }, "discovery_date": "2022-07-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2108554" } ], "notes": [ { "category": "description", "text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-34169" }, { "category": "external", "summary": "RHBZ#2108554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2108554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-34169", "url": "https://www.cve.org/CVERecord?id=CVE-2022-34169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169" } ], "release_date": "2022-07-19T20:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:43+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8077" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)" }, { "cve": "CVE-2022-36033", "cwe": { "id": "CWE-87", "name": "Improper Neutralization of Alternate XSS Syntax" }, "discovery_date": "2022-09-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2127078" } ], "notes": [ { "category": "description", "text": "A flaw was found in jsoup, a Java HTML parser built for HTML editing, cleaning, scraping, and Cross-site scripting (XSS) safety. An issue in jsoup may incorrectly sanitize HTML, including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML, including `javascript:` URLs crafted with control characters, will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is possible.", "title": "Vulnerability description" }, { "category": "summary", "text": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2022-36033" }, { "category": "external", "summary": "RHBZ#2127078", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2127078" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2022-36033", "url": "https://www.cve.org/CVERecord?id=CVE-2022-36033" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033" } ], "release_date": "2022-08-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:43+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8077" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled" }, { "cve": "CVE-2023-51775", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-02-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2266921" } ], "notes": [ { "category": "description", "text": "A flaw was found in the jose.4.j (jose4j) library. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c (PBES2 Count). This parameter dictates the number of PBKDF2 iterations needed to derive a CEK wrapping key. Its primary purpose is to intentionally slow down the key derivation function, making password brute-force and dictionary attacks more resource-intensive. However, if an attacker sets the p2c parameter in JWE to a large number, it can cause high computational consumption, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jose4j: denial of service via specially crafted JWE", "title": "Vulnerability summary" }, { "category": "other", "text": "The vulnerability in the jose4j library, where the \"p2c\" parameter in PBKDF2-based JWE key management algorithms can be manipulated to induce high computational consumption, is classified as moderate severity due to its potential impact on service availability and resource exhaustion. By setting a large value for \"p2c\", an attacker can force the server to perform an excessive number of PBKDF2 iterations during key derivation. This results in increased CPU and memory usage, potentially leading to degraded performance or temporary denial of service.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2023-51775" }, { "category": "external", "summary": "RHBZ#2266921", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266921" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2023-51775", "url": "https://www.cve.org/CVERecord?id=CVE-2023-51775" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775" } ], "release_date": "2024-02-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:43+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8077" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jose4j: denial of service via specially crafted JWE" }, { "cve": "CVE-2024-4029", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-04-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2278615" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", "title": "Vulnerability description" }, { "category": "summary", "text": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat rates this as a Low impact since this requires high privileges to jeopardize the system. The management interface is normally internal/local only and not exposed externally.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4029" }, { "category": "external", "summary": "RHBZ#2278615", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4029", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4029" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029" } ], "release_date": "2024-05-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:43+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8077" }, { "category": "workaround", "details": "Currently there is no available mitigation for this vulnerability. Please make sure to perform updates as they become available.", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "wildfly: No timeout for EAP management interface may lead to Denial of Service (DoS)" }, { "cve": "CVE-2024-4068", "cwe": { "id": "CWE-1050", "name": "Excessive Platform Resource Consumption within a Loop" }, "discovery_date": "2024-05-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2280600" } ], "notes": [ { "category": "description", "text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "braces: fails to limit the number of characters it can handle", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-4068" }, { "category": "external", "summary": "RHBZ#2280600", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068", "url": "https://www.cve.org/CVERecord?id=CVE-2024-4068" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068" }, { "category": "external", "summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/", "url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/" }, { "category": "external", "summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308", "url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308" }, { "category": "external", "summary": "https://github.com/micromatch/braces/issues/35", "url": "https://github.com/micromatch/braces/issues/35" } ], "release_date": "2024-03-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-10-14T18:01:43+00:00", "details": "Before applying the update, make sure all previously released errata relevant to your system have been applied. Also, back up your existing installation, including all applications, configuration files, databases and database settings. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:8077" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hal-console-0:3.3.24-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-hibernate-validator-0:6.0.23-2.SP1_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-hibernate-validator-cdi-0:6.0.23-2.SP1_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-insights-java-client-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-0:1.5.18-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-ironjacamar-common-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-common-spi-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-api-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-core-impl-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-deployers-common-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-jdbc-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-ironjacamar-validator-0:1.5.18-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-cert-helper-0:1.1.3-1.redhat_00001.1.el9eap.x86_64", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-ejb-client-0:4.0.55-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-0:1.10.0-39.Final_redhat_00039.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jboss-server-migration-cli-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jboss-server-migration-core-0:1.10.0-39.Final_redhat_00039.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jbossws-cxf-0:5.4.12-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-jsoup-0:1.15.4-1.redhat_00003.1.el9eap.src", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-undertow-jastow-0:2.0.15-1.Final_redhat_00001.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-0:7.4.19-1.GA_redhat_00002.1.el9eap.src", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk11-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk17-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-java-jdk8-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-javadocs-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-wildfly-modules-0:7.4.19-1.GA_redhat_00002.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.noarch", "9Base-JBEAP-7.4:eap7-xalan-j2-0:2.7.1-37.redhat_00015.1.el9eap.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "braces: fails to limit the number of characters it can handle" } ] }
wid-sec-w-2024-1016
Vulnerability from csaf_certbund
Published
2024-05-02 22:00
Modified
2024-05-02 22:00
Summary
WildFly Application Server: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der WildFly Application Server ist ein Anwendungsserver nach dem Jakarta-EE-Standard.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in WildFly Application Server ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "niedrig" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Der WildFly Application Server ist ein Anwendungsserver nach dem Jakarta-EE-Standard.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein lokaler Angreifer kann eine Schwachstelle in WildFly Application Server ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Sonstiges\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1016 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1016.json" }, { "category": "self", "summary": "WID-SEC-2024-1016 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1016" }, { "category": "external", "summary": "Red Hat Bugzilla vom 2024-05-02", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "RedHat Customer Portal vom 2024-05-02", "url": "https://access.redhat.com/security/cve/CVE-2024-4029" } ], "source_lang": "en-US", "title": "WildFly Application Server: Schwachstelle erm\u00f6glicht Denial of Service", "tracking": { "current_release_date": "2024-05-02T22:00:00.000+00:00", "generator": { "date": "2024-05-03T09:32:54.366+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1016", "initial_release_date": "2024-05-02T22:00:00.000+00:00", "revision_history": [ { "date": "2024-05-02T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Open Source WildFly Application Server", "product": { "name": "Open Source WildFly Application Server", "product_id": "T034506", "product_identification_helper": { "cpe": "cpe:/a:redhat:wildfly:-" } } } ], "category": "vendor", "name": "Open Source" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-4029", "notes": [ { "category": "description", "text": "Es besteht eine Schwachstelle in WildFly Application Server. Diese Fehler betrifft die Management-Schnittstelle aufgrund des Mangels an Begrenzung von Sockets, was dazu f\u00fchrt, dass das nofile-Limit erreicht wird. Ein lokaler, privilegierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen." } ], "product_status": { "known_affected": [ "T034506" ] }, "release_date": "2024-05-02T22:00:00Z", "title": "CVE-2024-4029" } ] }
WID-SEC-W-2024-1016
Vulnerability from csaf_certbund
Published
2024-05-02 22:00
Modified
2024-05-02 22:00
Summary
WildFly Application Server: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der WildFly Application Server ist ein Anwendungsserver nach dem Jakarta-EE-Standard.
Angriff
Ein lokaler Angreifer kann eine Schwachstelle in WildFly Application Server ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "niedrig" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Der WildFly Application Server ist ein Anwendungsserver nach dem Jakarta-EE-Standard.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein lokaler Angreifer kann eine Schwachstelle in WildFly Application Server ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Sonstiges\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1016 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1016.json" }, { "category": "self", "summary": "WID-SEC-2024-1016 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1016" }, { "category": "external", "summary": "Red Hat Bugzilla vom 2024-05-02", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "category": "external", "summary": "RedHat Customer Portal vom 2024-05-02", "url": "https://access.redhat.com/security/cve/CVE-2024-4029" } ], "source_lang": "en-US", "title": "WildFly Application Server: Schwachstelle erm\u00f6glicht Denial of Service", "tracking": { "current_release_date": "2024-05-02T22:00:00.000+00:00", "generator": { "date": "2024-05-03T09:32:54.366+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1016", "initial_release_date": "2024-05-02T22:00:00.000+00:00", "revision_history": [ { "date": "2024-05-02T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Open Source WildFly Application Server", "product": { "name": "Open Source WildFly Application Server", "product_id": "T034506", "product_identification_helper": { "cpe": "cpe:/a:redhat:wildfly:-" } } } ], "category": "vendor", "name": "Open Source" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-4029", "notes": [ { "category": "description", "text": "Es besteht eine Schwachstelle in WildFly Application Server. Diese Fehler betrifft die Management-Schnittstelle aufgrund des Mangels an Begrenzung von Sockets, was dazu f\u00fchrt, dass das nofile-Limit erreicht wird. Ein lokaler, privilegierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen." } ], "product_status": { "known_affected": [ "T034506" ] }, "release_date": "2024-05-02T22:00:00Z", "title": "CVE-2024-4029" } ] }
gsd-2024-4029
Vulnerability from gsd
Modified
2024-04-23 05:02
Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{ "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2024-4029" ], "id": "GSD-2024-4029", "modified": "2024-04-23T05:02:11.173931Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2024-4029", "STATE": "RESERVED" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } } } }
ghsa-x7g6-rwhc-g7mj
Vulnerability from github
Published
2024-05-02 15:30
Modified
2024-11-05 03:30
Severity ?
Summary
Wildfly vulnerable to denial of service
Details
A vulnerability was found in Wildfly’s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.
{ "affected": [ { "package": { "ecosystem": "Maven", "name": "org.wildfly:wildfly-domain-http" }, "ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "24.0.0.Final" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2024-4029" ], "database_specific": { "cwe_ids": [ "CWE-770" ], "github_reviewed": true, "github_reviewed_at": "2024-05-03T20:11:59Z", "nvd_published_at": "2024-05-02T15:15:07Z", "severity": "MODERATE" }, "details": "A vulnerability was found in Wildfly\u2019s management interface. Due to the lack of limitation of sockets for the management interface, it may be possible to cause a denial of service hitting the nofile limit as there is no possibility to configure or set a maximum number of connections.", "id": "GHSA-x7g6-rwhc-g7mj", "modified": "2024-11-05T03:30:45Z", "published": "2024-05-02T15:30:35Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4029" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2024:8075" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2024:8076" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2024:8077" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2024:8080" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2024:8823" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2024:8824" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2024:8826" }, { "type": "WEB", "url": "https://access.redhat.com/security/cve/CVE-2024-4029" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278615" }, { "type": "PACKAGE", "url": "https://github.com/wildfly/wildfly" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "Wildfly vulnerable to denial of service" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.